URL: https://turfologie.fr.gd/
Submission: On January 29 via manual from BF — Scanned from FR

Summary

This website contacted 88 IPs in 8 countries across 104 domains to perform 653 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is turfologie.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.
This is the only time turfologie.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.238.27.28 15598 (IPX-AS15598)
3 2606:4700::68... 13335 (CLOUDFLAR...)
25 2a00:1450:400... 15169 (GOOGLE)
21 178.162.223.113 28753 (LEASEWEB-...)
3 95.142.100.82 8455 (ATOM86-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
3 178.162.223.114 28753 (LEASEWEB-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
7 13 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 87.118.71.104 31103 (KEYWEB-AS)
1 176.9.183.55 24940 (HETZNER-AS)
1 108.138.36.78 16509 (AMAZON-02)
3 3.75.56.58 16509 (AMAZON-02)
2 8 35.204.82.244 396982 (GOOGLE-CL...)
1 1 185.51.218.247 202140 (DIS DIS I...)
3 16 2a00:6800:3:a... 42730 (EVANZOAS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
15 2400:52e0:1e0... 200325 (BUNNYCDN)
7 2400:52e0:1e0... 200325 (BUNNYCDN)
2 178.254.33.33 42730 (EVANZOAS)
2 148.251.152.47 24940 (HETZNER-AS)
2 2a00:6800:3:5... 42730 (EVANZOAS)
1 3 52.28.39.71 16509 (AMAZON-02)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
74 195.90.208.185 42730 (EVANZOAS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.29.28.3 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 45.133.44.24 39572 (ADVANCEDH...)
4 5 2604:9e00:1:1... 27257 (WEBAIR-IN...)
5 198.134.116.29 27257 (WEBAIR-IN...)
3 3 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 3 2604:9e00:1:1... 27257 (WEBAIR-IN...)
4 4 18.195.71.253 16509 (AMAZON-02)
4 8 2606:4700:20:... 13335 (CLOUDFLAR...)
2 173.239.53.18 27257 (WEBAIR-IN...)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
3 4 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 174.137.133.16 27257 (WEBAIR-IN...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 198.134.116.28 27257 (WEBAIR-IN...)
1 1 2a05:d014:286... 16509 (AMAZON-02)
1 52.19.138.177 16509 (AMAZON-02)
9 23.50.131.94 20940 (AKAMAI-ASN1)
2 2 18.245.31.69 16509 (AMAZON-02)
2 34.195.224.242 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.225.185.110 14618 (AMAZON-AES)
2 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 104.102.45.165 16625 (AKAMAI-AS)
1 185.217.104.157 197651 (THEHUTGRO...)
12 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 142.250.184.198 15169 (GOOGLE)
1 3.9.158.88 16509 (AMAZON-02)
9 12 142.250.185.162 15169 (GOOGLE)
6 12 172.64.151.101 13335 (CLOUDFLAR...)
9 12 185.89.210.82 29990 (ASN-APPNEX)
2 2 18.185.82.92 16509 (AMAZON-02)
1 188.165.150.178 16276 (OVH)
5 2a02:128:7:49... 50245 (SERVEREL-AS)
78 149.56.148.224 16276 (OVH)
1 108.138.36.89 16509 (AMAZON-02)
1 108.138.36.69 16509 (AMAZON-02)
4 95.211.229.246 60781 (LEASEWEB-...)
4 139.45.195.8 9002 (RETN-AS)
3 139.45.197.245 9002 (RETN-AS)
4 139.45.195.253 9002 (RETN-AS)
2 6 2606:4700:311... 13335 (CLOUDFLAR...)
1 60 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 8.238.190.121 3356 (LEVEL3)
34 23.53.40.17 20940 (AKAMAI-ASN1)
1 163.181.92.238 24429 (TAOBAO Zh...)
2 52.56.219.216 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
12 23.239.7.51 63949 (AKAMAI-LI...)
2 2600:9000:225... 16509 (AMAZON-02)
7 151.101.193.21 54113 (FASTLY)
1 18.169.9.11 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.223.141.84 ()
653 88
Apex Domain
Subdomains
Transfer
86 milibris.com
campaigns.milibris.com
content.milibris.com — Cisco Umbrella Rank: 657442
api-marketing.milibris.com
11 MB
73 bitporno.de
bitporno.de
868 KB
60 hp.com
www.hp.com — Cisco Umbrella Rank: 15376
2 MB
37 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
435 KB
34 akamaized.net
cdn-dimi.akamaized.net — Cisco Umbrella Rank: 164541
369 KB
26 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
99 KB
24 webme.com
theme.webme.com
img.webme.com — Cisco Umbrella Rank: 414033
189 KB
17 arc.io
arc.io — Cisco Umbrella Rank: 30076
static.arc.io — Cisco Umbrella Rank: 60604
core.arc.io — Cisco Umbrella Rank: 78783
tracker.arc.io Failed
warden.arc.io
279 KB
12 gdurl.com
gdurl.com — Cisco Umbrella Rank: 867725
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
13 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
6 KB
12 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11475
as.ad4m.at — Cisco Umbrella Rank: 29340
assets.ad4m.at — Cisco Umbrella Rank: 41583
149 KB
12 adnade.net
adnade.net
deliver.adnade.net
71 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 364
209 KB
10 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11960
3.bp.blogspot.com — Cisco Umbrella Rank: 14261
2.bp.blogspot.com — Cisco Umbrella Rank: 15271
4.bp.blogspot.com — Cisco Umbrella Rank: 15285
49 KB
9 whookroo.com
ak.whookroo.com — Cisco Umbrella Rank: 121085
43 KB
8 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 81816
6 KB
7 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3015
www.sandbox.paypal.com — Cisco Umbrella Rank: 51553
163 KB
7 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 33273
edge.cookiefirst.com — Cisco Umbrella Rank: 38670
34 KB
7 1clic1don.fr
www.1clic1don.fr
67 KB
6 mnaspm.com
go.mnaspm.com — Cisco Umbrella Rank: 15612
4 KB
5 yomeno.xyz
vast.yomeno.xyz — Cisco Umbrella Rank: 62754
7 KB
5 realtime-bid.com
filter.realtime-bid.com
65 KB
4 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019
61 KB
4 zblkqa.com
cdn.zblkqa.com — Cisco Umbrella Rank: 22181
54 KB
4 datatechone.com
datatechone.com — Cisco Umbrella Rank: 49226
2 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
2 KB
4 magsrv.com
s.magsrv.com — Cisco Umbrella Rank: 15034
9 KB
4 sandothesooile.info
xdufs.sandothesooile.info
pkuwp.sandothesooile.info
684 KB
4 sobisy.com
sobisy.com — Cisco Umbrella Rank: 406544
2 KB
3 offmantiner.com
offmantiner.com — Cisco Umbrella Rank: 179013
15 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 28599
api.webgains.io — Cisco Umbrella Rank: 69568
19 KB
3 tradedoubler.com
imp.tradedoubler.com — Cisco Umbrella Rank: 185677
grow-platform.tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 90788 Failed
169 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
4 MB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
195 KB
3 adflyer.media
xml.adflyer.media — Cisco Umbrella Rank: 270196
545 B
3 adtube.media
xml.adtube.media — Cisco Umbrella Rank: 212323
633 B
3 ctrtraffic.com
xml.ctrtraffic.com — Cisco Umbrella Rank: 429960
846 B
3 thenetwork18.com
xml.thenetwork18.com — Cisco Umbrella Rank: 299101
1 KB
3 yieldads.net
api.yieldads.net — Cisco Umbrella Rank: 120597
15 KB
3 visifeed.org
visifeed.org — Cisco Umbrella Rank: 119580
2 KB
3 gstatic.com
t3.gstatic.com
fonts.gstatic.com
88 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
196 KB
2 joingekko.com
link.joingekko.com — Cisco Umbrella Rank: 752246
redirect.joingekko.com — Cisco Umbrella Rank: 882548
2 KB
2 dynamicyield.com
cdn-eu.dynamicyield.com — Cisco Umbrella Rank: 22065
177 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
60 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
2 KB
2 secprf.com
r.secprf.com — Cisco Umbrella Rank: 281714
880 B
2 olivedinflats.space
olivedinflats.space — Cisco Umbrella Rank: 259454
1 KB
2 xmladsystem.com
xml.xmladsystem.com — Cisco Umbrella Rank: 399202
278 B
2 infinity-info.com
xml.infinity-info.com — Cisco Umbrella Rank: 301665
342 B
2 fusilare.com
fusilare.com
1 KB
2 flurryad.com
xml.flurryad.com — Cisco Umbrella Rank: 302520
655 B
2 mediacpc.com
xml.mediacpc.com
602 B
2 rtbfactory.com
xml.rtbfactory.com — Cisco Umbrella Rank: 238451
278 B
2 varcuringordsetts.com
varcuringordsetts.com — Cisco Umbrella Rank: 247247
2 KB
2 zentrixads.com
xml.zentrixads.com — Cisco Umbrella Rank: 405789
493 B
2 such.de
such.de — Cisco Umbrella Rank: 568807
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
2 billigerscheiss.de
billigerscheiss.de
400 B
2 hubu.link
tool.hubu.link
25 KB
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 33863
static.a-ads.com — Cisco Umbrella Rank: 46799
171 KB
2 adz2you.xyz
adz2you.xyz
365 B
2 adcell.com
t.adcell.com — Cisco Umbrella Rank: 57836
644 B
2 linkredirect.biz
www.linkredirect.biz
3 KB
2 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5688
15 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 567
295 B
1 cafeyn.co
cdn.cafeyn.co
46 KB
1 goinstore.com
gis.goinstore.com — Cisco Umbrella Rank: 61326
36 KB
1 linkbux.com
www.linkbux.com — Cisco Umbrella Rank: 144219
1 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384
4 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 55633
2 KB
1 myprotein.it
www.myprotein.it
1 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 romancedale.com
nrebxx.romancedale.com
8 KB
1 makeinsanemoney.com
trk.makeinsanemoney.com
988 B
1 workers.dev
becast.onionlive.workers.dev — Cisco Umbrella Rank: 183129
1 KB
1 eximdigital.com
xml.eximdigital.com — Cisco Umbrella Rank: 289286
324 B
1 charmgriff.com
charmgriff.com
656 B
1 trackingvo.com
trackingvo.com
777 B
1 clickmi.net
xml.clickmi.net — Cisco Umbrella Rank: 334924
325 B
1 updatessughing.com
updatessughing.com
755 B
1 tubecorp.com
cdn.tubecorp.com — Cisco Umbrella Rank: 352678
17 KB
1 muggel.net
eu4-de84.muggel.net
1 KB
1 chatlotto.de
embed.chatlotto.de
625 B
1 misaglam.com
deli.misaglam.com — Cisco Umbrella Rank: 842485
484 B
1 sparkasse-fickmuehlen.de
sparkasse-fickmuehlen.de
531 B
1 cdn-binance.com
cdn-binance.com
531 B
1 acpm.fr
collecte.numeo.acpm.fr
464 B
1 admediatex.net
admediatex.net — Cisco Umbrella Rank: 448163
988 B
1 fwdtrk.com
fwdtrk.com
fwd.fwdtrk.com Failed
2 KB
1 mr-shop.de
www.mr-shop.de
33 KB
1 asrv205.com
asrv205.com
1 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12324
12 KB
1 root-top.com
img.root-top.com
5 KB
1 pubdirecte.com
pubdirecte.com
2 KB
1 fr.gd
turfologie.fr.gd
350 KB
0 tradetracker.net Failed
sc.tradetracker.net Failed
0 adzgame.com Failed
sub.adzgame.com Failed
0 baddiesporn.com Failed
baddiesporn.com Failed
0 lesbiansextube.com Failed
lesbiansextube.com Failed
0 cpmaffiliation.com Failed
www.cpmaffiliation.com Failed
653 104
Domain Requested by
78 content.milibris.com campaigns.milibris.com
www.1clic1don.fr
73 bitporno.de deliver.adnade.net
bitporno.de
60 www.hp.com 1 redirects r.linksprf.com
www.hp.com
34 cdn-dimi.akamaized.net nrebxx.romancedale.com
cdn-dimi.akamaized.net
25 pagead2.googlesyndication.com turfologie.fr.gd
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
www.googletagmanager.com
21 theme.webme.com turfologie.fr.gd
14 static.arc.io arc.io
core.arc.io
static.arc.io
12 gdurl.com pkuwp.sandothesooile.info
xdufs.sandothesooile.info
12 ib.adnxs.com 9 redirects googleads.g.doubleclick.net
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
12 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
12 tpc.googlesyndication.com turfologie.fr.gd
tpc.googlesyndication.com
11 adnade.net 1 redirects www.1clic1don.fr
adnade.net
deliver.adnade.net
10 cdn.cookielaw.org www.hp.com
cdn.cookielaw.org
eu4-de84.muggel.net
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
turfologie.fr.gd
9 ak.whookroo.com eu4-de84.muggel.net
ak.whookroo.com
8 r.linksprf.com 4 redirects eu4-de84.muggel.net
7 campaigns.milibris.com 2 redirects www.1clic1don.fr
campaigns.milibris.com
7 www.1clic1don.fr 1 redirects www.linkredirect.biz
www.1clic1don.fr
6 go.mnaspm.com 2 redirects deliver.adnade.net
6 assets.ad4m.at as.ad4m.at
6 consent.cookiefirst.com adnade.net
consent.cookiefirst.com
5 www.sandbox.paypal.com www.paypal.com
www.sandbox.paypal.com
5 vast.yomeno.xyz bitporno.de
cdn.tubecorp.com
deliver.adnade.net
5 filter.realtime-bid.com eu4-de84.muggel.net
4 maxcdn.bootstrapcdn.com pkuwp.sandothesooile.info
xdufs.sandothesooile.info
4 cdn.zblkqa.com deliver.adnade.net
4 datatechone.com ak.whookroo.com
offmantiner.com
4 my.rtmark.net ak.whookroo.com
offmantiner.com
4 s.magsrv.com cdn.tubecorp.com
bitporno.de
deliver.adnade.net
4 ad.doubleclick.net turfologie.fr.gd
4 sobisy.com 4 redirects
4 ad4m.at deli.misaglam.com
ad4m.at
4 1.bp.blogspot.com turfologie.fr.gd
3 offmantiner.com becast.onionlive.workers.dev
offmantiner.com
eu4-de84.muggel.net
3 s0.2mdn.net googleads.g.doubleclick.net
turfologie.fr.gd
3 www.googletagservices.com turfologie.fr.gd
3 xml.adflyer.media 2 redirects eu4-de84.muggel.net
3 xml.adtube.media 3 redirects
3 xml.ctrtraffic.com 2 redirects eu4-de84.muggel.net
3 xml.thenetwork18.com 3 redirects
3 api.yieldads.net 1 redirects visifeed.org
api.yieldads.net
3 visifeed.org fwdtrk.com
visifeed.org
3 3.bp.blogspot.com turfologie.fr.gd
3 img.webme.com turfologie.fr.gd
3 cdnjs.cloudflare.com turfologie.fr.gd
static.arc.io
2 www.googletagmanager.com www.hp.com
www.googletagmanager.com
2 www.paypal.com www.hp.com
www.sandbox.paypal.com
2 cdn-eu.dynamicyield.com www.hp.com
2 code.jquery.com pkuwp.sandothesooile.info
xdufs.sandothesooile.info
2 api.webgains.io analytics.webgains.io
2 www.awin1.com 1 redirects as.ad4m.at
2 r.secprf.com 2 redirects
2 pkuwp.sandothesooile.info eu4-de84.muggel.net
pkuwp.sandothesooile.info
2 xdufs.sandothesooile.info eu4-de84.muggel.net
xdufs.sandothesooile.info
2 olivedinflats.space 2 redirects
2 as.ad4m.at ad4m.at
as.ad4m.at
2 xml.xmladsystem.com eu4-de84.muggel.net
2 xml.infinity-info.com eu4-de84.muggel.net
2 fusilare.com 2 redirects
2 xml.flurryad.com 2 redirects
2 xml.mediacpc.com 2 redirects
2 xml.rtbfactory.com eu4-de84.muggel.net
2 varcuringordsetts.com 2 redirects
2 xml.zentrixads.com 1 redirects eu4-de84.muggel.net
2 fonts.gstatic.com fonts.googleapis.com
2 such.de 1 redirects api.yieldads.net
2 fonts.googleapis.com ad.a-ads.com
cdn-dimi.akamaized.net
2 billigerscheiss.de 2 redirects
2 tool.hubu.link adnade.net
tool.hubu.link
2 adz2you.xyz www.1clic1don.fr
2 t.adcell.com 1 redirects asrv205.com
2 www.linkredirect.biz pubdirecte.com
www.linkredirect.biz
2 static.wixstatic.com turfologie.fr.gd
2 2.bp.blogspot.com turfologie.fr.gd
1 warden.arc.io static.arc.io
1 www.google-analytics.com static.arc.io
1 geolocation.onetrust.com cdn.cookielaw.org
1 redirect.joingekko.com www.linkbux.com
1 link.joingekko.com 1 redirects
1 cdn.cafeyn.co campaigns.milibris.com
1 api-marketing.milibris.com campaigns.milibris.com
1 gis.goinstore.com www.hp.com
1 www.linkbux.com r.linksprf.com
1 clk.tradedoubler.com r.linksprf.com
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 grow-platform.tradedoubler.com as.ad4m.at
1 imp.tradedoubler.com 1 redirects
1 track.webgains.com as.ad4m.at
1 www.myprotein.it such.de
1 www.google.com eu4-de84.muggel.net
1 nrebxx.romancedale.com eu4-de84.muggel.net
1 trk.makeinsanemoney.com 1 redirects
1 becast.onionlive.workers.dev eu4-de84.muggel.net
1 xml.eximdigital.com 1 redirects eu4-de84.muggel.net
1 charmgriff.com 1 redirects
1 trackingvo.com 1 redirects
1 xml.clickmi.net 1 redirects eu4-de84.muggel.net
1 updatessughing.com 1 redirects
1 cdn.tubecorp.com bitporno.de
1 edge.cookiefirst.com consent.cookiefirst.com
1 static.a-ads.com ad.a-ads.com
1 eu4-de84.muggel.net deliver.adnade.net
1 deliver.adnade.net adnade.net
1 ad.a-ads.com adnade.net
1 embed.chatlotto.de cdn-binance.com
1 deli.misaglam.com sparkasse-fickmuehlen.de
1 sparkasse-fickmuehlen.de adnade.net
1 cdn-binance.com adnade.net
1 core.arc.io arc.io
1 collecte.numeo.acpm.fr 1 redirects
1 admediatex.net www.1clic1don.fr
1 arc.io www.1clic1don.fr
1 fwdtrk.com asrv205.com
1 www.mr-shop.de asrv205.com
1 asrv205.com turfologie.fr.gd
1 blogger.googleusercontent.com turfologie.fr.gd
1 img.root-top.com turfologie.fr.gd
1 4.bp.blogspot.com turfologie.fr.gd
1 t3.gstatic.com turfologie.fr.gd
1 pubdirecte.com turfologie.fr.gd
1 turfologie.fr.gd
0 tracker.arc.io Failed static.arc.io
0 sc.tradetracker.net Failed r.linksprf.com
0 sub.adzgame.com Failed eu4-de84.muggel.net
0 baddiesporn.com Failed eu4-de84.muggel.net
0 lesbiansextube.com Failed eu4-de84.muggel.net
0 fwd.fwdtrk.com Failed fwdtrk.com
0 www.cpmaffiliation.com Failed turfologie.fr.gd
653 130
Subject Issuer Validity Valid
fr.gd
R3
2024-01-22 -
2024-04-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
misc.webme.com
R3
2024-01-22 -
2024-04-21
3 months crt.sh
pubdirecte.com
R3
2023-11-14 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
img.webme.com
R3
2024-01-22 -
2024-04-21
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-01 -
2024-06-29
6 months crt.sh
root-top.com
E1
2023-12-28 -
2024-03-27
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
asrv205.com
GTS CA 1P5
2023-12-04 -
2024-03-03
3 months crt.sh
1clic1don.fr
GTS CA 1P5
2023-12-13 -
2024-03-12
3 months crt.sh
adcell.com
Certum Domain Validation CA SHA2
2023-07-28 -
2024-07-27
a year crt.sh
fwdtrk.com
R3
2024-01-20 -
2024-04-19
3 months crt.sh
arc.io
Amazon RSA 2048 M03
2024-01-22 -
2025-02-18
a year crt.sh
admediatex.net
GTS CA 1P5
2024-01-13 -
2024-04-12
3 months crt.sh
visifeed.org
R3
2024-01-09 -
2024-04-08
3 months crt.sh
*.milibris.com
Gandi RSA Domain Validation Secure Server CA 3
2023-09-25 -
2024-09-25
a year crt.sh
adnade.net
R3
2023-12-02 -
2024-03-01
3 months crt.sh
adz2you.xyz
GTS CA 1P5
2023-12-02 -
2024-03-01
3 months crt.sh
static.arc.io
R3
2024-01-20 -
2024-04-19
3 months crt.sh
core.arc.io
R3
2024-01-20 -
2024-04-19
3 months crt.sh
cdn-binance.com
R3
2023-12-02 -
2024-03-01
3 months crt.sh
*.cookiefirst.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-05 -
2024-12-16
a year crt.sh
sparkasse-fickmuehlen.de
R3
2024-01-09 -
2024-04-08
3 months crt.sh
deli.misaglam.com
R3
2024-01-06 -
2024-04-05
3 months crt.sh
embed.chatlotto.de
R3
2023-12-02 -
2024-03-01
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2023-12-27 -
2025-01-26
a year crt.sh
deliver.adnade.net
R3
2023-12-02 -
2024-03-01
3 months crt.sh
tool.hubu.link
R3
2023-12-05 -
2024-03-04
3 months crt.sh
api.yieldads.net
Amazon RSA 2048 M01
2023-10-04 -
2024-11-02
a year crt.sh
eu4-de84.muggel.net
R3
2023-12-01 -
2024-02-29
3 months crt.sh
bitporno.de
R3
2023-12-01 -
2024-02-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
such.de
Amazon RSA 2048 M01
2023-08-31 -
2024-09-29
a year crt.sh
cdn.tubecorp.com
R3
2023-12-06 -
2024-03-05
3 months crt.sh
*.realtime-bid.com
AlphaSSL CA - SHA256 - G4
2023-02-27 -
2024-03-30
a year crt.sh
linksprf.com
GTS CA 1P5
2024-01-02 -
2024-04-01
3 months crt.sh
*.rtbfactory.com
AlphaSSL CA - SHA256 - G4
2023-02-02 -
2024-03-05
a year crt.sh
*.ctrtraffic.com
AlphaSSL CA - SHA256 - G4
2023-03-06 -
2024-04-06
a year crt.sh
zentrixads.com
R3
2023-12-14 -
2024-03-13
3 months crt.sh
*.infinity-info.com
AlphaSSL CA - SHA256 - G4
2023-07-26 -
2024-08-26
a year crt.sh
onionlive.workers.dev
GTS CA 1P5
2024-01-04 -
2024-04-03
3 months crt.sh
xmladsystem.com
R3
2023-12-18 -
2024-03-17
3 months crt.sh
*.romancedale.com
R3
2023-12-22 -
2024-03-21
3 months crt.sh
ak.hetaruwg.com
R3
2024-01-15 -
2024-04-14
3 months crt.sh
sandothesooile.info
R3
2023-12-31 -
2024-03-30
3 months crt.sh
www.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
adflyer.media
R3
2023-12-20 -
2024-03-19
3 months crt.sh
myprotein.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-12 -
2024-04-24
a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2024-01-10 -
2025-01-10
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-13
a year crt.sh
vast.yomeno.xyz
R3
2024-01-23 -
2024-04-22
3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01
2023-07-24 -
2024-08-22
a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03
2023-08-30 -
2024-09-27
a year crt.sh
magsrv.com
R3
2023-12-18 -
2024-03-17
3 months crt.sh
rtmark.net
R3
2023-12-23 -
2024-03-22
3 months crt.sh
offmantiner.com
R3
2024-01-05 -
2024-04-04
3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-10 -
2024-12-23
a year crt.sh
www.hp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-21 -
2024-12-20
a year crt.sh
*.zblkqa.com
Sectigo ECC Domain Validation Secure Server CA
2023-10-17 -
2024-11-16
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2023-05-16 -
2024-05-15
a year crt.sh
mnaspm.com
GTS CA 1P5
2023-12-18 -
2024-03-17
3 months crt.sh
*.linkbux.com
RapidSSL TLS RSA CA G1
2023-07-26 -
2024-08-08
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-01-28 -
2024-04-27
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
gdurl.com
R3
2024-01-17 -
2024-04-16
3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02
2023-09-03 -
2024-10-01
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-01-24 -
2024-08-21
7 months crt.sh
*.goinstore.com
Amazon RSA 2048 M01
2023-09-14 -
2024-10-12
a year crt.sh
*.cafeyn.co
Gandi Standard SSL CA 2
2023-06-12 -
2024-06-12
a year crt.sh
joingekko.com
E1
2024-01-16 -
2024-04-15
3 months crt.sh
www.sandbox.paypal.com
DigiCert EV RSA CA G2
2023-12-27 -
2025-01-26
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh

This page contains 80 frames:

Primary Page: https://turfologie.fr.gd/
Frame ID: D16A71A9E4705BDF09A6B7D170A74ED9
Requests: 50 HTTP requests in this frame

Frame: https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-1558107153-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaYjW15uZxXKXm2ycZQ%253D%253D&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaojW15uZxXKXm2ycZQ%253D%253D&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNka4jW15uZxXKXm2ycZQ%253D%253D
Frame ID: 3E26B5E189E7CDDDAB51C825A9DD72AC
Requests: 2 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: A94ED1E21F3EA06D65F03A4FCA0D3FDA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 155D60FF18FB2125B62552367C6882F6
Requests: 1 HTTP requests in this frame

Frame: https://www.1clic1don.fr/tagpdis.php
Frame ID: 8A09DB6950EB9E9E8A7FE83223E89606
Requests: 15 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=364266&slotId=105746&pv=1
Frame ID: DC2639A21B536A89A4712ADD04CAE41B
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNjUyODEzNH0%3D
Frame ID: 1928317F08CBE3B582ABF299F929710E
Requests: 2 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a612b&ci=yCbq1Ov%3B&its=9F%5Bt%2ALp5e%3DbA%7DQD%3BxkPWbU%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 105C1A2BD22ADC57B771BF3407E32F42
Requests: 2 HTTP requests in this frame

Frame: https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
Frame ID: 690D34F95FD5D106B81968D7FDC1BDC2
Requests: 162 HTTP requests in this frame

Frame: https://adnade.net/ptp/?user=pas30
Frame ID: 86EDB0C9375BF5E590EB555C36939EF8
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&adk=1812271804&adf=3025194257&lmt=1706528134&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706528134162&bpp=2&bdt=209&idt=299&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1130722925840&frm=20&pv=2&ga_vid=1710743544.1706528134&ga_sid=1706528134&ga_hid=1899791877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C95322181%2C95320868%2C95321626%2C95322162%2C95322388%2C95323006&oid=2&pvsid=4094453865082594&tmod=1992434807&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=310
Frame ID: 752B294F237F44C1514822E3A199F81C
Requests: 1 HTTP requests in this frame

Frame: https://adz2you.xyz/serve/show.php?a=33&b=468x15
Frame ID: 919EF902A9125110840B3517AEB5A24A
Requests: 1 HTTP requests in this frame

Frame: https://adz2you.xyz/serve/show.php?a=33&b=236x15
Frame ID: 7C86B0A4E4A60D4762BB01C7223CBFF3
Requests: 1 HTTP requests in this frame

Frame: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 38624290BDDE51528329B8473C34641F
Requests: 2 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?76bc4f3
Frame ID: 366AA6A0519C5265F190BA4FEE46D3A5
Requests: 7 HTTP requests in this frame

Frame: https://sparkasse-fickmuehlen.de/partner/
Frame ID: 05A025CC77A9189133D5B732E4193F77
Requests: 1 HTTP requests in this frame

Frame: https://www.myprotein.it/?affil=awin&utm_content=yieldkit&utm_term=Sub+Networks&utm_source=AWin-143466&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=143466&awc=7614_1706528135_6d8724eebc1d3bf0a31b3c99375efbeb
Frame ID: B59B92FCD4E0CC5C945D53B6FAC188B8
Requests: 5 HTTP requests in this frame

Frame: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Frame ID: 00AF8BF20EB1440569F7317D5E0D0982
Requests: 3 HTTP requests in this frame

Frame: https://embed.chatlotto.de/?chatroom=93b4e8d7dbbfe0e6
Frame ID: F9C7F59C34F92C47A1C4C4B72DDC9DEE
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Frame ID: 2EA793437E94D8E516953C9408BDC585
Requests: 5 HTTP requests in this frame

Frame: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Frame ID: 904D1DCDCC7B7CA2509F6911E4F6A9A8
Requests: 2 HTTP requests in this frame

Frame: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Frame ID: AF997CDFFA501838B8282A0D7DCFD3C7
Requests: 1 HTTP requests in this frame

Frame: https://bitporno.de/
Frame ID: 490D48F4C6CAEE26F26BB38F30DBCDDE
Requests: 92 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 4BDB46B72FD067AC6D355655C1E17A7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1415116625~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706528135&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706528135057&bpp=1&bdt=1104&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1130722925840&frm=20&pv=1&ga_vid=1710743544.1706528134&ga_sid=1706528134&ga_hid=1899791877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C95322181%2C95320868%2C95321626%2C95322162%2C95322388%2C95323006&oid=2&pvsid=4094453865082594&tmod=1992434807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Frame ID: 71200BE1A1DA8F9540A76F07296A1E36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706528135&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706528135057&bpp=1&bdt=1103&idt=1&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1130722925840&frm=20&pv=1&ga_vid=1710743544.1706528134&ga_sid=1706528134&ga_hid=1899791877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C95322181%2C95320868%2C95321626%2C95322162%2C95322388%2C95323006&oid=2&pvsid=4094453865082594&tmod=1992434807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=7
Frame ID: 873A4691A2B9074F927B18BA99D69303
Requests: 1 HTTP requests in this frame

Frame: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=OxjUqxg*ves_0&ci=-6215771495585878220&t=1065835609&h=58
Frame ID: 62E01F33F97A5B9D837F8BF0A87AAD61
Requests: 2 HTTP requests in this frame

Frame: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=tMY6sTbEH1U_0&ci=-691964770409688744&t=1579153193&h=58
Frame ID: 69CB4DB459157181AC99F5F832BF8439
Requests: 2 HTTP requests in this frame

Frame: https://redirect.joingekko.com/monetize?queryid=qhsjgxa3xfug2wjjyzmjb2xlqu&b=irun
Frame ID: DA39ABBCA76F2CE1662F7EBDFFAF03EE
Requests: 3 HTTP requests in this frame

Frame: https://xml.rtbfactory.com/redirect?feed=633210&auth=5NdnT6&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: CF1721FC0C19DB9360BE016FABB5A99A
Requests: 1 HTTP requests in this frame

Frame: https://lesbiansextube.com/video22.html
Frame ID: 78575B2E380C053F951C88C7F87F5922
Requests: 1 HTTP requests in this frame

Frame: https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528138&url=http%3A%2F%2Fwww.transavia.com%2F%3Futm_source%3Daffiliate%26utm_medium%3Dlinkgenerator%26utm_campaign%3DHVTO_ES_191269_YieldKit
Frame ID: 3B7DFFC42A5DA9F7DDE51D24C051486D
Requests: 3 HTTP requests in this frame

Frame: https://clk.tradedoubler.com/click?p=20215&a=1910362&epi=v030400015923974b2c536305480488f6dad90645ad11
Frame ID: 111AF7377ABBEB3446225E4C128D07A8
Requests: 3 HTTP requests in this frame

Frame: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=RJ-b99orMJg_0&ci=8757753377156695108&t=1869367739&h=58
Frame ID: 4F8E5BC42E7D688BD5AF1D274ACB896F
Requests: 2 HTTP requests in this frame

Frame: https://baddiesporn.com/video16.html
Frame ID: 9C991EA1090D21B1461020F6A6CCA898
Requests: 1 HTTP requests in this frame

Frame: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Frame ID: C31257661F1A9E88E008F7AC5BCB1A09
Requests: 85 HTTP requests in this frame

Frame: https://xml.ctrtraffic.com/redirect?feed=629199&auth=zLr9BW&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 8AA828630996324C744BE124600B9A7B
Requests: 1 HTTP requests in this frame

Frame: https://filter.realtime-bid.com/filter?q=best+deals&i=E3174QeztaE_0&ci=2496140640400491883&t=360059851&h=58
Frame ID: 6DC661DC4E56826A59B8DA85C2656DDE
Requests: 2 HTTP requests in this frame

Frame: https://r.linksprf.com/v1/redirect?type=linkId&id=a50a2bd4f9184c61840533f8d85f12d4&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=1768346ae2274ed594e177d64573a01a&yk_tag=w2u2g1krriij63qu2kbfj05g
Frame ID: BE62439DF7BDAB402A6B827AE83B850F
Requests: 1 HTTP requests in this frame

Frame: https://xml.zentrixads.com/redirect?feed=626947&auth=1MqBAt&subid={subid}&query={query}&url={url}&default_url={default_url}xml.adtube.media/redirect?feed=615326&auth=JtCpiL&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: A49946640609ED61A3E18FE51BF0DEE8
Requests: 1 HTTP requests in this frame

Frame: https://xml.infinity-info.com/redirect?feed=634483&auth=gPnHL5&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 9A430CF31B68302BEE146D870E946BD5
Requests: 1 HTTP requests in this frame

Frame: https://sub.adzgame.com/redirect?feed=634020&auth=kYcx8E&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Frame ID: 0CD96FAE6A18D8E756D84C135400772D
Requests: 1 HTTP requests in this frame

Frame: https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false&rb=FLf1ZnqFoweMbjCozKKtSCrg4CjONLRuF-xrmFRFWJMvNaKbGyjbAiaNcsyngfYzp7ZDT9TINXhWEbo5M_S2FQ_3WcuoTr1XEqYXj0iaCWkNeiAZDMd1MTx4U5US71YTXMi-GCLKpJJS3p2y4i9XoIGVTfm-qy8YmIqFc2vt9mT15NMcXvoTQUXoqTC-Ca8u1OoYvyg8MmWGnWa9LUXUj3BBYB83eWHq-3RfZvRvdTeGPfOOPmVDEFKMmKawvo9GvV5avPYb6jiNppWmc6cojrgp27cqt8AXeh2mNzQByrvRIvr4EGjzNIG5V9Jnh_zEDahr2q6BwGuaZ1FEcCbv3N9hnMs=&sfr=timeout
Frame ID: 4515963C7EE2FC089AA3B36791045490
Requests: 6 HTTP requests in this frame

Frame: https://xml.xmladsystem.com/redirect?feed=615319&auth=W8TMJ0&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 784F39CE37D7792772917A6C0E9AE70E
Requests: 1 HTTP requests in this frame

Frame: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Frame ID: D01859991F698651231A42FFBD7915BB
Requests: 37 HTTP requests in this frame

Frame: https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false&rb=LRwW8VhudYaBZRAv9dHbicV0-xdXqJCFNZfpUWwTYH2SRmYhsH4lha3LCtkWk-78rsX_p1wSgL_VcPLJ8QxNx5ZwCFcoJ6-E8VvllBQqzDtIPwWNbsKDQW0dzxT9t6OMYje2jkvTFWg62KI8Fii35Uwu0w2Y1nRZoDhfKlwyFzmBW5UvxrSsILtzOTeMbcBRH8VZ09mHRcE0KnRfFJMQvKQTBHPe602BSHnLUZCasvvTxzV0BoJD0Ke1R9LXZwEgF1zf8CBkQDrkn0kQG-hEVG1WtIe7LEssgnbUkg==&sfr=timeout
Frame ID: FE52A481E857FD3AD689B3872FE87AFD
Requests: 5 HTTP requests in this frame

Frame: https://lesbiansextube.com/video20.html
Frame ID: 8541F6B24A6EF4BB884C87F2F25D0706
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Frame ID: A1A716DECED3DD0D499F53256A218080
Requests: 14 HTTP requests in this frame

Frame: https://xml.rtbfactory.com/redirect?feed=633223&auth=hWvnzW&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 3605372274B2DE69CD4B0D0E55AD7865
Requests: 1 HTTP requests in this frame

Frame: https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false&rb=r9HRRBzA6-RIzzc4tWzIu-kIX0iEvqdZQIwZGmEC4KwecH78C-IQX00vk9Gu6jaKIWCsY4JnL512ed1Z_NQQQJyx0J5uFvGIw9iFMHA3Jz9ObkQzFg0u9dWTm49fsHhlbB4zT_26jWAYRhpYx_aeh2nnl34hQ9uLswE8GSyr_gPVGyxWvtRtkRt1NgopYPOXG72eLqcHFFa0L3AbaztY4GaZKboQY-yELm9aW3RgQia3FWl2wGdVf-D7B-HVCrdJ3gMBJpfLr26zwbUYMEeHiRNrb8Ic_uCp8clevA==&sfr=timeout
Frame ID: 1116014E91DF6E3B0D8086C9ED40B67C
Requests: 5 HTTP requests in this frame

Frame: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=*pZQb1gtZJ8_0&ci=1480978845797766241&t=1294136297&h=58
Frame ID: A6CD778DC8F81EF3FAFA0C2730408702
Requests: 2 HTTP requests in this frame

Frame: https://xml.eximdigital.com/redirect?feed=634442&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Frame ID: 4F67DDD6670D20D5040D1287107172C3
Requests: 1 HTTP requests in this frame

Frame: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Frame ID: 272AF8892D5ACF9170492438DE376618
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwijx7CghPSDAxV-0gIHHbybCL8QFnoECBMQAQ&url=https%3A%2F%2Fswisskauf.us%2F&usg=AOvVaw1cMRF4vjB-hvkO3ZzRww3E&opi=89978449
Frame ID: BB09264E0730BC4AC6C4F27EBD278A88
Requests: 1 HTTP requests in this frame

Frame: https://xml.xmladsystem.com/redirect?feed=615320&auth=ywL5Zd&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: DABBF8F1D5FCA6A0546F9EAEBE6FC5B0
Requests: 1 HTTP requests in this frame

Frame: https://xml.adflyer.media/redirect?feed=615322&auth=N0hVKw&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 7AEBCB65BAF159C31E1088892A7827E2
Requests: 1 HTTP requests in this frame

Frame: https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false&rb=RoI0FbOohkRFXNza9Qm6CtDoBqN5kH4otFhM7zyCvncKtZCZ5yo6mac94eCIl_uI3UoDle3r33kUhMcdKx2m3MP2U8wKg8dvJytcLrm8njh4uta9Tx4faNDFMTUUJRGo3wSeLUtJkt3o2YQ4EkSp6aCyIrlNyyskEVX5rxCBuZjfjCMd-EUJ96-az_LOP2aAb06yCqjpBPU8o4RvliSG1fDMgPRd441DAQkqApfKmVUvqpKHl2enwnV5d6nJxRfwK6rxx1H7r3k0oKtEQE4Yxrc_JBNXFkvuf76LTA==&sfr=timeout
Frame ID: 30D2BDB2C31C7C4F328C28AF414561A2
Requests: 5 HTTP requests in this frame

Frame: https://xml.infinity-info.com/redirect?feed=634482&auth=JoigQT&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 1A11FF6148D3BE64008B5BCA1BE35433
Requests: 1 HTTP requests in this frame

Frame: https://sub.adzgame.com/redirect?feed=634021&auth=FZfz2y&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Frame ID: BDB2F658B2117BB3F3E69D465E305F6C
Requests: 1 HTTP requests in this frame

Frame: https://xml.clickmi.net/redirect?feed=615324&auth=4h0n5N&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: E7925D8589E8740040A22E0E660D6646
Requests: 1 HTTP requests in this frame

Frame: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Frame ID: D47E636A78B68AF0813EB36CF1FAE07B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 32F06EA5C299A5DED9E5CCD288F99170
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6F45E0F9CC30C60176BDB860487C43C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 120737C4ECB23DDB62F465549AE216F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWIA5wwCCiZ_PqF-f0nT7OpNOHfrMLtl9Tayuz5dBRywGETGLA8kh6KRSi5CbYV5w24bab_9BUsh0BoGD3sjxWm4180BtYuEhQrJo8Z-cHES5i4sKo3JkdmtVaDzO-3uCx8mDjBbinV8u8f7k9Mju-QofQrzK2QBwW32VkWdfhH-cc8_nQ
Frame ID: 884ACFB4B99AFE508087A471FD888B89
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Frame ID: F8130EDA63E70DA7E257F9E1F97B19FA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWQGFOniAOJiLyJDOPXG4NCVsDw0HDwVYzn0RYp--ZGcDAanorlSL9Y5EZPhT-aZeBFFmpFsvUe76QzglsWuMLO5bRoTi9_dUxpJt6pBmAW8HV1iSZP1Ja7mH_I1AvuTBf-Gbjsk7TRRCRGZu9x1a7J03njVujP-y4XIFQJotxKLXdHMC4
Frame ID: C50432039FA9A996C18FE00CFA131C94
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/13820531351744016112
Frame ID: 28DC98C452868685936B08BF8E6A67C6
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYp5SZ9AEwAQ&v=APEucNV8ZChv_SVMWmvxB22mUK7PJkhQ6RcyJ6Unk5zuBaoqja1QXMnMBjiFTkGAOKdvRW56UNu0pCiTybk62P72Q2zOrYmDSj55EWMriS9c7IYbtQXiqISYcjS335uza7OLD0x8KQ3YGJ_5lFEGrwWvrzSK34M4PvN1YtwoAhDJHmviHcGDGeU
Frame ID: 742D0A40D8720867D001D590C52FDA04
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Frame ID: A1A96ADED4496F4ED8418E5AD0A9048B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DB5D657E75BF07260709E0BA54299BC9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0DCA9CE006E63CC6B6616106DAC351DF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AE9099AF8919786FDF7F8E0F317DF2C5
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4C7EBDC9E68B045DBBF4F77990549D4E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 64AC71190F95EADD30F7B15C32EEE233
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3BBD7ADCE7C335B7F9DD8247E7E4EF2F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: D990FADE866D24FB1B086309ADE7E8F5
Requests: 1 HTTP requests in this frame

Frame: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVZWTVRFNXV4WHlSVF9mb1dDSW8wQUNQeC03Unlsbk1LcFR0aERteVduejNvUl84el82S3BRM3N4WWRvNDVZRzRELXJRTmNja0JxMVR4RksmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=sandbox&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.54.0&integrationType=SDK
Frame ID: F180F413A7C548A71815986A42078DB8
Requests: 4 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?76bc4f3
Frame ID: 278C11575439CC5B6DE018A6CE10E44D
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?76bc4f3
Frame ID: FC1D1DFC7986EAC6C061F2C684A026EE
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

TURFOLOGIE: LA DOCTRINE DES TURFISTES - BIENVENUE

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/material(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

653
Requests

83 %
HTTPS

48 %
IPv6

104
Domains

130
Subdomains

88
IPs

8
Countries

23899 kB
Transfer

36051 kB
Size

66
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://t.adcell.com/p/image?promoId=364263&slotId=105746 HTTP 302
  • https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg
Request Chain 60
  • https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e HTTP 302
  • https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b HTTP 302
  • https://collecte.numeo.acpm.fr/track?link=22026&n=20240119&cible=https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd= HTTP 303
  • https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
Request Chain 67
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Request Chain 101
  • https://billigerscheiss.de/?t=1706528134&ln=1 HTTP 302
  • https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Request Chain 102
  • https://adnade.net/surfbar/?p=1 HTTP 302
  • https://billigerscheiss.de/?g=0 HTTP 302
  • https://bitporno.de/
Request Chain 108
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
  • https://such.de/y?t=myprotein.it&cid=7b7a19b12a40f5ced872fc6cac809145c7c58491694531408c8b6fb8406dd691&identifier=2b6f4b032d56a189 HTTP 302
  • https://such.de/search/myprotein.it
Request Chain 186
  • https://xml.zentrixads.com/redirect?feed=626946&auth=zhEF3k&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=OxjUqxg*ves_0&ci=-6215771495585878220&t=1065835609&h=58
Request Chain 187
  • https://xml.thenetwork18.com/redirect?feed=615317&auth=aX2pUJ&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=tMY6sTbEH1U_0&ci=-691964770409688744&t=1579153193&h=58
Request Chain 188
  • https://xml.ctrtraffic.com/redirect?feed=616706&auth=LtBzUz&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://sobisy.com/star/?jour=https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=619394&publisher=198307&campaign=1269681&source=619394.531734&subid=531734&pubzone=&offer=2791650&cost=0.0002&chs=0.0002&ext_click_id=Vw1IzM7o*1A&bid=0.0002 HTTP 302
  • https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=619394&publisher=198307&campaign=1269681&source=619394.531734&subid=531734&pubzone=&offer=2791650&cost=0.0002&chs=0.0002&ext_click_id=Vw1IzM7o%2A1A&bid=0.0002&ctrl_fetch_dest=iframe&ctrl_id=65b78d87c6d65308051900&ctrl_ts=1706528135.8144&ctrl_ab=burp HTTP 302
  • https://sobisy.com/bis/sob/?ctrl_ab=burp&ctrl_id=65b78d87c6d65308051900&jour=https://r.linksprf.com/v1/redirect?type=linkId&id=1457d0c531694e8385587baba3775e59&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=88cc5440c333413390da98580af13aaf&yk_tag=w79rlimqhkl4p3qui4nqlcca HTTP 302
  • https://r.linksprf.com/v1/redirect?type=linkId&id=1457d0c531694e8385587baba3775e59&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=88cc5440c333413390da98580af13aaf&yk_tag=w79rlimqhkl4p3qui4nqlcca HTTP 302
  • https://r.linksprf.com/v2/go?t=etfpa%3Af%2F0wc.ci2k5u6.4o8%2F6r6c8%2F09011M1L074y3Wv2dEujrB.huS-u.swbFa%25R2nA3%25jtuh_l2uzcsUoBu0D79kYWpxii4pEVoi8mWc_Y%3Farb%3DVtUpZ3I%25SFF2Pw_whiIr4n3fX%26eih%3Dy0O0y050Z6n47a3fk8aet2mbc4xcb9n5l0w0wd%2F9sct3h&e=1&ai=88cc5440c333413390da98580af13aaf&sct=0&ct=1706528136399&cu=a0f886e628b446c5925c0c00df9acf3e&ykuid=66fb30ce552c4a6fa069a63de9eed6ec&sc=1&cs=f2ddf576f6e63a27effcb46f617802de
Request Chain 190
  • https://xml.mediacpc.com/redirect?feed=616707&auth=kv8WiI&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://lesbiansextube.com/video22.html
Request Chain 191
  • https://xml.mediacpc.com/redirect?feed=629756&auth=ojnfCi&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://sobisy.com/star/?jour=https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=618565&publisher=197658&campaign=1269681&source=618565.636095&subid=636095&pubzone=&offer=2791650&cost=0.0002&chs=0.0002&ext_click_id=8WYmZA0dqiw&bid=0.0002 HTTP 302
  • https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=618565&publisher=197658&campaign=1269681&source=618565.636095&subid=636095&pubzone=&offer=2791650&cost=0.0002&chs=0.0002&ext_click_id=8WYmZA0dqiw&bid=0.0002&ctrl_fetch_dest=iframe&ctrl_id=65b78d87ca7a2851346342&ctrl_ts=1706528135.8293&ctrl_ab=burp HTTP 302
  • https://sobisy.com/bis/sob/?ctrl_ab=burp&ctrl_id=65b78d87ca7a2851346342&jour=https://r.linksprf.com/v1/redirect?type=linkId&id=b2a6ddb987f84565a0c155bdd690ad16&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=c533aae117c14a6ab29ac970a33fbaf1&yk_tag=w757ek1kvc5tl3qu2sjof70o HTTP 302
  • https://r.linksprf.com/v1/redirect?type=linkId&id=b2a6ddb987f84565a0c155bdd690ad16&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=c533aae117c14a6ab29ac970a33fbaf1&yk_tag=w757ek1kvc5tl3qu2sjof70o HTTP 302
  • https://r.linksprf.com/v2/go?t=mtcpa%3Av%2Fscattawewr2cFe%25.3ep%2Ftc%3D2%268135m210%26b%3D79d2898u4h4tes43f%25dF924a6t0v0t0e0.%3Dr%26noatig.von%25oFDs%25em%256F%253GpOr6nDr%25id_3eStFa0FK%2522csp-3et2pmaciaavisnartvs3i4i0i1c1F0%2592aAe%252pft5%3D2%26a621b1dac29%3D0%268417u%3Dh%3Ftt%25nAr2k%25aFtwd.rr.nta%2Fis.toh&e=1&ai=92836828f09d4120880d349bb055dbfa&sct=0&ct=1706528136304&cu=99dafe42ef45428a82db7dbc09205811&ykuid=31377e91a45149eab986c5877b8878d1&sc=1&cs=78130b1d72a04623352c1858a0c9b67e
Request Chain 192
  • https://xml.flurryad.com/redirect?feed=626944&auth=qBoLPX&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://updatessughing.com/e9d4eb85-3703-40e8-a8c0-ef663a60a1b4?banner=6191035&pubfeed=481949&siteid=600679&cost=0.0001&conversion=2oI8O1EyGiY HTTP 302
  • https://fusilare.com/mica/?mica=https://r.linksprf.com/v1/redirect?type=linkId&id=e31f58e12a5b4da2b2abb18f026bad17&api_key=3cef6f5fcb3bbf1ec4dbced550ba7d84&site_id=51c5982bd8c245dc9684a6c23519f96c&dch=feed&ad_t=advertiser&offerid=4ed0489591fc440d031d7aae&yk_tag=wekaf6lq36mti3qui2ao0n5i HTTP 302
  • https://r.linksprf.com/v1/redirect?type=linkId&id=e31f58e12a5b4da2b2abb18f026bad17&api_key=3cef6f5fcb3bbf1ec4dbced550ba7d84&site_id=51c5982bd8c245dc9684a6c23519f96c&dch=feed&ad_t=advertiser&offerid=4ed0489591fc440d031d7aae&yk_tag=wekaf6lq36mti3qui2ao0n5i HTTP 302
  • https://r.linksprf.com/v2/go?t=1tdp5%3A6%2F9la.6r8d4d8u5l3r3ccmbc7i3k9p1202453av1i1e326%260p9%3D%3D0%2601000%3D5%3F2c9l4%2F2o5.6e0b4o0e8aftdkdc0%2F4sat1h&e=1&ai=4ed0489591fc440d031d7aae&sct=0&ct=1706528135832&cu=974b2c536305480488f6dad90645ad11&ykuid=ad8a2792428942b49de9f2e856d2b526&sc=1&cs=80cb2391abab36a6a3705ba823ed9ad9
Request Chain 193
  • https://xml.clickmi.net/redirect?feed=615323&auth=R59YLB&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=RJ-b99orMJg_0&ci=8757753377156695108&t=1869367739&h=58
Request Chain 194
  • https://xml.clixvista.com/redirect?feed=634146&auth=ZcZzdT&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://baddiesporn.com/video16.html
Request Chain 195
  • https://xml.ctrtraffic.com/redirect?feed=629202&auth=QnmDKl&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://trackingvo.com/fa065b47-3313-45d1-9137-db898edaa028?banner=6191036&pubfeed=481949&siteid=488231&cost=0.0001&conversion=5H3AMfWUMXs HTTP 302
  • https://charmgriff.com/charm/?charm=https://fusilare.com/mica/?mica=https://r.linksprf.com/v1/redirect?type=linkId&id=0bbba1ba8f3d44b08ec60c61e8109f30&api_key=0d65b0fc5769a1cfd873809ea27d9dc8&site_id=689787cc15c7437fbc240a28cb9e12d4&dch=feed&ad_t=advertiser&offerid=53bd40e9e4b0a28530282455&yk_tag=w2u2g1krriij63qui080p6c0 HTTP 302
  • https://fusilare.com/mica/?mica=https://r.linksprf.com/v1/redirect?type=linkId&id=0bbba1ba8f3d44b08ec60c61e8109f30&api_key=0d65b0fc5769a1cfd873809ea27d9dc8&site_id=689787cc15c7437fbc240a28cb9e12d4&dch=feed&ad_t=advertiser&offerid=53bd40e9e4b0a28530282455&yk_tag=w2u2g1krriij63qui080p6c0 HTTP 302
  • https://r.linksprf.com/v1/redirect?type=linkId&id=0bbba1ba8f3d44b08ec60c61e8109f30&api_key=0d65b0fc5769a1cfd873809ea27d9dc8&site_id=689787cc15c7437fbc240a28cb9e12d4&dch=feed&ad_t=advertiser&offerid=53bd40e9e4b0a28530282455&yk_tag=w2u2g1krriij63qui080p6c0 HTTP 302
  • https://r.linksprf.com/v2/go?t=et7p3%3Ac%2F3lb.ar2d7deu5l8r7c0m7cei2k2p1205443%26v%3Di9e0263%261p1%3Da0607040%3D6%3F1c3lb%2Feo3.4e6b4oae9adt1kac2%2F2s6tah&e=1&ai=53bd40e9e4b0a28530282455&sct=0&ct=1706528135960&cu=3eb7e03748654ea792da1ba32c2367ae&ykuid=ec6d290f705a4fc88df7661f0e600caf&sc=1&cs=dbd6539f40d1dc2217b52a7514985cd3
Request Chain 197
  • https://xml.eximdigital.com/redirect?feed=634443&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F HTTP 302
  • https://filter.realtime-bid.com/filter?q=best+deals&i=E3174QeztaE_0&ci=2496140640400491883&t=360059851&h=58
Request Chain 198
  • https://xml.adflyer.media/redirect?feed=626962&auth=qAKAp2&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://sobisy.com/star/?jour=https://varcuringordsetts.com/fb5b2cf8-3681-4d35-9409-7659d1e6badb?pubfeed=618569&publisher=197658&campaign=1270859&source=618569.556415&subid=556415&pubzone=&offer=2793550&cost=0.0003&chs=0.0003&ext_click_id=GCmhehCATpI&bid=0.0003 HTTP 302
  • https://varcuringordsetts.com/fb5b2cf8-3681-4d35-9409-7659d1e6badb?pubfeed=618569&publisher=197658&campaign=1270859&source=618569.556415&subid=556415&pubzone=&offer=2793550&cost=0.0003&chs=0.0003&ext_click_id=GCmhehCATpI&bid=0.0003&ctrl_fetch_dest=iframe&ctrl_id=65b78d881746b512906461&ctrl_ts=1706528136.0953&ctrl_ab=burp HTTP 302
  • https://varcuringordsetts.com/ad888fae-fa27-4d56-9ed4-d540f97a4e5f?tsid=cb5d035f-da99-4254-8a9d-768eb8a8c8eb&cmpid=fb5b2cf8-3681-4d35-9409-7659d1e6badb&ofid=a7b10786-c0a2-40f3-860f-6d80f13f7090&flid=&pthid=92f856c0-0a3b-eed0-87fe-6836c60515df&lndid=&ctrl_id=65b78d881746b512906461&ctrl_fetch_dest=iframe&ctrl_ab=burp&cost=0.0003&cid=wucb05o163aud3qui03r8gi4 HTTP 302
  • https://sobisy.com/bis/sob/?ctrl_ab=burf&jour=https://r.linksprf.com/v1/redirect?type=linkId&id=a50a2bd4f9184c61840533f8d85f12d4&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=1768346ae2274ed594e177d64573a01a&yk_tag=w2u2g1krriij63qu2kbfj05g HTTP 302
  • https://r.linksprf.com/v1/redirect?type=linkId&id=a50a2bd4f9184c61840533f8d85f12d4&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=1768346ae2274ed594e177d64573a01a&yk_tag=w2u2g1krriij63qu2kbfj05g
Request Chain 202
  • https://xml.adtube.media/redirect?feed=631737&auth=5q8RSh&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://becast.onionlive.workers.dev/
Request Chain 204
  • https://xml.thenetwork18.com/redirect?feed=615318&auth=OjLd1I&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://trk.makeinsanemoney.com/go/377128fa-5ae0-43cb-9a59-da1f44aabd88?bid=0.0003&conversion=MzEV8laNnHc&pubfeed=600575&subid=602842&campaign=1272703&banner=6263872&keyword=*&offer=2796925&query=%7Bquery%7D&source_subid= HTTP 302
  • https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Request Chain 205
  • https://xml.adflyer.media/redirect?feed=615321&auth=cOpZmC&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://ak.whookroo.com/4/6600082
Request Chain 206
  • https://xml.clixvista.com/redirect?feed=634351&auth=soTzkH&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://lesbiansextube.com/video20.html
Request Chain 209
  • https://xml.mediacpc.com/redirect?feed=629755&auth=oNyUuc&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://ak.whookroo.com/4/6600082
Request Chain 210
  • https://xml.thenetwork18.com/redirect?feed=626939&auth=cUVzDz&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=*pZQb1gtZJ8_0&ci=1480978845797766241&t=1294136297&h=58
Request Chain 212
  • https://xml.adtube.media/redirect?feed=615325&auth=nWjGCY&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926093&subid=604734.604222 HTTP 302
  • https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Request Chain 213
  • https://xml.flurryad.com/redirect?feed=626942&auth=CSVpPf&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwijx7CghPSDAxV-0gIHHbybCL8QFnoECBMQAQ&url=https%3A%2F%2Fswisskauf.us%2F&usg=AOvVaw1cMRF4vjB-hvkO3ZzRww3E&opi=89978449
Request Chain 216
  • https://xml.adflyer.media/redirect?feed=626960&auth=c2DVej&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://ak.whookroo.com/4/6600082
Request Chain 220
  • https://xml.adtube.media/redirect?feed=631735&auth=KA0htm&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926093&subid=604734.604222 HTTP 302
  • https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Request Chain 222
  • https://r.secprf.com/v1/redirect?url=https://myprotein.it&api_key=437c4407d7781aecb3ae0e97b520ec16&site_id=3563bc873b454ce0b690db7fc454b808&type=url&source=https://such.de/de/search/myprotein.it&yk_tag=7b7a19b12a40f5ced872fc6cac809145c7c58491694531408c8b6fb8406dd691 HTTP 302
  • https://r.secprf.com/v2/go?t=tt.pi%3At%2Frwy.Fw%25n2.Ao%25%2Fpwtl%3Dc%26.dhh%3Fui%3D%3Df6r4%26i0%3Db454c67cdi9kbee%3D4u4h3d8%26bl6c3rdfe%3Dc0100000c468634e3c4e3c35a4837a371c074132v1rdw%26%26ldchruf%3D%3Df5r3ccl7%26b05bc50c670db9fb4e448483c8ibk6e343seck.iecadce%3Dc0100000c468634e3c4e3c35a4837a371c074132v12de-k5i3cce7.bc5scf0r6c0lb%26f643418d8%26p1e71dsmcp.pekpihctasm3c%251Fi2amwpwo%2Fesntih&e=1&ai=5beee8c265ee48fca4e3107d2220f077&sct=0&ct=1706528135267&cu=38eac3e3c4534436a67cc070112c1edd&sr=1&ykuid=563a25a1d93e42928ddb1a50f702c24b&sc=1&cs=f760aa0aa333cffebd9051873d9f0b55 HTTP 302
  • https://www.awin1.com/awclick.php?mid=7614&id=143466&clickref=such.de&clickref2=v03040001438738eac3e3c4534436a67cc070112c1edd&clickref3=3563bc873b454ce0b690db7fc454b808&clickref4=such.de&awcr=v03040001438738eac3e3c4534436a67cc070112c1edd-3563bc873b454ce0b690db7fc454b808&pref1=such.de&p=https%3A%2F%2Fmyprotein.it HTTP 302
  • https://www.myprotein.it/?affil=awin&utm_content=yieldkit&utm_term=Sub+Networks&utm_source=AWin-143466&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=143466&awc=7614_1706528135_6d8724eebc1d3bf0a31b3c99375efbeb
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Request Chain 272
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbeNh2t3o9llTqUclAm.zwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1&google_hm=2
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOAGI1RjncTzOsVioXEJAQU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
Request Chain 274
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Request Chain 278
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbeNhxo801NNq19dJP-kGAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOAGI1RjncTzOsVioXEJAQU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
Request Chain 280
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Request Chain 282
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbeNhxo801NNq19dJP-kGAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOAGI1RjncTzOsVioXEJAQU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
Request Chain 284
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
Request Chain 285
  • https://imp.tradedoubler.com/imp?type(img)g(25525506)a(3040636)epi(oneidK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fqoneid__Influencer_TT_advancedad_300x250)549617024 HTTP 302
  • https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png
Request Chain 316
  • https://go.mnaspm.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOrprrolrunc5zpXSuldK6V0rpXSuldNZLXVPbNRU6iem3ee6qzSzSninaqq67TOquXifefPTNwfYA-&sourceId=5075902&p1=6294502&ax=0&skipOffset=00:00:05 HTTP 302
  • https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&duration=00%3A00%3A30&iterationId=812424&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOrprrolrunc5zpXSuldK6V0rpXSuldNZLXVPbNRU6iem3ee6qzSzSninaqq67TOquXifefPTNwfYA-&mlView=1&p1=6294502&ruleId=339&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=5075902&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
Request Chain 317
  • https://go.mnaspm.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSuldNZLXVPbNRU6vay3WbjOXOaqbOeyji3fTeWmie2i7bi5wfYA-&sourceId=5075902&p1=6294502&ax=0&skipOffset=00:00:05 HTTP 302
  • https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&duration=00%3A00%3A30&iterationId=812424&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSuldNZLXVPbNRU6vay3WbjOXOaqbOeyji3fTeWmie2i7bi5wfYA-&mlView=1&p1=6294502&ruleId=339&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=5075902&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
Request Chain 329
  • https://clk.tradedoubler.com/click?p=245746&a=1910362&epi=v0304000162123eb7e03748654ea792da1ba32c2367ae HTTP 302
  • https://www.hp.com/fr-fr/shop/GenericLandingPage.aspx?tduid=090d51c0d5cbac44a1d96a1d8c684e13&url=https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com+%28FR%29 HTTP 302
  • https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Request Chain 371
  • https://tc.tradetracker.net/?c=27843&m=12&a=191269&u=https%3A%2F%2Factivities.transavia.com%2Fes-es%2F%3Fpartner_id%3DS6FO0GK%26cmp%3Dtopnavigation&r=v03040001614099dafe42ef45428a82db7dbc09205811&u=http%3A%2F%2Fwww.transavia.com HTTP 301
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528136&url=http%3A%2F%2Fwww.transavia.com%2F%3Futm_source%3Daffiliate%26utm_medium%3Dlinkgenerator%26utm_campaign%3DHVTO_ES_191269_YieldKit
Request Chain 643
  • https://link.joingekko.com/deep-link?publisherkey=177c2213-1667-4e6c-8941-9f1e7b042c81&propertyid=789233&merchantid=174214&url=http%3A%2F%2Fwww.i-run.fr&clickid=lb_44tvvnb&subid=LB00000130 HTTP 302
  • https://redirect.joingekko.com/monetize?queryid=qhsjgxa3xfug2wjjyzmjb2xlqu&b=irun
Request Chain 671
  • https://tc.tradetracker.net/?c=27843&m=12&a=191269&u=https%3A%2F%2Factivities.transavia.com%2Fes-es%2F%3Fpartner_id%3DS6FO0GK%26cmp%3Dtopnavigation&r=v03040001614099dafe42ef45428a82db7dbc09205811&u=http%3A%2F%2Fwww.transavia.com HTTP 301
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528138&url=http%3A%2F%2Fwww.transavia.com%2F%3Futm_source%3Daffiliate%26utm_medium%3Dlinkgenerator%26utm_campaign%3DHVTO_ES_191269_YieldKit

653 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
turfologie.fr.gd/
532 KB
350 KB
Document
General
Full URL
https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
fr.gd
Software
nginx /
Resource Hash
39811cdfd6454046b9a69042fe5ee98adbc9d213b11af9917d2b45a8082504ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-15
Date
Mon, 29 Jan 2024 11:35:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Via
1.1 varnish-v4
X-Varnish
299018432
X-wm-1
64ef455219bf45ba236b8d390f06c9ce
X-wm-VIP
193.238.27.28
X-wm-req.backend
SitesGET
X-wm-req.backend.healthy
true
X-wm-req.restarts
0
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3417054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1618
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-11d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hh6W5a3Gr6vqRCkSzkbuuEoCuSbhpO%2BSQzTQcjbudcWMBcauHzS5UjYNpb8i2H2sNLUCG3162Xb1w%2Bcsh%2FnnXF40LVJhc5E30qyNMKjw%2FWnwXKDMyyQ4wOJGUU01YkRSjxbkf5Jd2otAYuUTuTLWm0lv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d12c259a9dd3bb-CDG
expires
Sat, 18 Jan 2025 11:35:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5282d31bd166c830f8700c842a416f1937fe3b070c60786c979b835adb0b820c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Origin
https://turfologie.fr.gd
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51368
x-xss-protection
0
server
cafe
etag
11439847862490697662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 29 Jan 2024 11:35:34 GMT
navi_top.gif
theme.webme.com/designs/red/images/
179 B
591 B
Image
General
Full URL
https://theme.webme.com/designs/red/images/navi_top.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
54ad7cfdcc7748fb783d92d9d666f5759a29bda63e567910ce1cf8eff6967896

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
659
Content-Type
image/gif
X-Varnish
302941846, 480743724 481661678
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
179
Expires
Mon, 11 Mar 2024 11:24:34 GMT
navi_bottom.gif
theme.webme.com/designs/red/images/
76 B
487 B
Image
General
Full URL
https://theme.webme.com/designs/red/images/navi_bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1fd6969927a4a317c74fd5afac662d8cc4ed463a3bfa0e8451727b190e1b94c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
659
Content-Type
image/gif
X-Varnish
301603685, 482018285 480354167
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76
Expires
Mon, 11 Mar 2024 11:24:34 GMT
cont_top.gif
theme.webme.com/designs/red/images/
3 KB
3 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/cont_top.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1666ec75f3cb121771756e411f628196bfd832b35d223d84f0fee320aaf05a45

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
759
Content-Type
image/gif
X-Varnish
294974918, 480743726 481176140
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2582
Expires
Mon, 11 Mar 2024 11:22:54 GMT
banniere.php
pubdirecte.com/script/
3 KB
2 KB
Script
General
Full URL
https://pubdirecte.com/script/banniere.php?said=132891
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.142.100.82 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
ofwallet.bestpaths.net
Software
Apache /
Resource Hash
e42a2d5989d546587b4fffdb316eeb070488e76243d139724068b248b2793f4d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 11:35:34 GMT
Content-Encoding
gzip
Server
Apache
X-ssl
1
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
1071
Expires
Sun, 01 Jan 2014 00:00:00 GMT
images
t3.gstatic.com/
9 KB
9 KB
Image
General
Full URL
https://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a3eb1a03693266907509ffeb5ea09db2bc6a3243e334eb9c01dc4fbada4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9110
x-xss-protection
0
last-modified
Thu, 31 Dec 2015 23:52:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 28 Jan 2025 11:35:34 GMT
5936eaff2200001500c6c942.gif
img.webme.com/pic/t/turfologie/
65 KB
66 KB
Image
General
Full URL
https://img.webme.com/pic/t/turfologie/5936eaff2200001500c6c942.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
553b860f94773ca8e317533a2d099e9326f369792cd4cb21052c0cb5d5f80aa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 02 Oct 2018 14:57:34 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
9649
ETag
"5bb3875e-10539"
X-Varnish
262773246, 480743716 472622133
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66873
1.gif
1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/
12 KB
12 KB
Image
General
Full URL
https://1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/1.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="1.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11928
x-xss-protection
0
server
fife
etag
"v7b"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
7-Fortunepmu.jpg
3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/
7 KB
7 KB
Image
General
Full URL
https://3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/7-Fortunepmu.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="7-Fortunepmu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7373
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
6-Turfpmu.jpg
2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/
3 KB
3 KB
Image
General
Full URL
https://2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/6-Turfpmu.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="6-Turfpmu.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2753
x-xss-protection
0
expires
Tue, 30 Jan 2024 11:35:34 GMT
5-Elvyturf.jpg
4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/
4 KB
4 KB
Image
General
Full URL
https://4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/5-Elvyturf.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="5-Elvyturf.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3846
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
9-Jeugagnant.jpg
1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/9-Jeugagnant.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="9-Jeugagnant.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3360
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
2.jpg
1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/2.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7042
x-xss-protection
0
server
fife
etag
"v7b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
8-Triotierce.jpg
3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/
3 KB
3 KB
Image
General
Full URL
https://3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/8-Triotierce.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="8-Triotierce.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3489
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
10-Basecouple.jpg
3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/
3 KB
3 KB
Image
General
Full URL
https://3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/10-Basecouple.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="10-Basecouple.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2914
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
image.png
static.wixstatic.com/media/73840e_39fb5ede54a04dda8ce2fe6632a79cf0~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/
7 KB
7 KB
Image
General
Full URL
https://static.wixstatic.com/media/73840e_39fb5ede54a04dda8ce2fe6632a79cf0~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/image.png
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8800:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
7394eeaf28b5df7e74fa81967eb75e52a9931abe1eaa34b30ed39f8f80a2c104

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:12:14 GMT
via
1.1 google, 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
1700600
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6948
wix-tracer
2ajMSUZ1c5aQ7h9hCD7mZ12Weqg
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
eXHd01RIsGsyx92oSCKmtpKQYvCmdRxlpyRDpYfG3Qo5CrkAOQcuYw==
x-seen-by
image-manipulator-7c76496fbd-vhhxk
4-Jeupmu.jpg
2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/
3 KB
3 KB
Image
General
Full URL
https://2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/4-Jeupmu.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="4-Jeupmu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2672
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
11-Franckyturf.jpg
1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/11-Franckyturf.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="11-Franckyturf.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3154
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:35:34 GMT
image.png
static.wixstatic.com/media/73840e_ebb5801846244b5d8798b9774e63e2be~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/
7 KB
8 KB
Image
General
Full URL
https://static.wixstatic.com/media/73840e_ebb5801846244b5d8798b9774e63e2be~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/image.png
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8800:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
1fb0a580c99750c2747697cfee51e4ce88d2c2214cff33d1d88ad5fa7dffcf7c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 08:03:10 GMT
via
1.1 google, 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
1308744
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7434
wix-tracer
2awAhzSZdrSxs8oav62VyUuRXlc
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
dMufvggMCl6Wb_JsO7SbSL_aCDHmz84_armQWB6gPQoBRt-r5XALow==
x-seen-by
image-manipulator-84f467849-xsdgk
turfologie1.jpg
img.webme.com/pic/t/turfologie/
18 KB
18 KB
Image
General
Full URL
https://img.webme.com/pic/t/turfologie/turfologie1.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
159853db9ab81a3c75aacd096aa7ccd964c5fdff6a313cd281f1e15b37450d65

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Sun, 04 Jan 2015 19:31:40 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
919
ETag
"54a9951c-47c1"
X-Varnish
280740312, 480743714 481919551
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18369
banner.gif
img.root-top.com/topsite/turfologie/
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfologie/banner.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
355011
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCELH7VZt1E1fkdCtfjy%2FJBPBJOe9ZVkW2eZ6glhf2x%2BMNs9Qe0VESZx%2Ftu5yVcFTfrUg%2BiksxBQ%2Fbt%2BAl5TeJaDKxmJ5yTHu%2B6FOOb%2F6zh0QPm2GbOgzcEYq9oDlOAaKo6kG%2F20TqJghJw8iCFb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84d12c26fe004141-LHR
alt-svc
h3=":443"; ma=86400
content-length
4424
AVvXsEjWiXAdxHXRsuyhdLWYAvcmHgSayhi7lWQXbhhMpnlqz03dMFqA_jiHg5OLR01x_da6mVmelcUJb5H1FaWg_y05HtXDohlYhEZ9YHveypUU5Eglv2pH5Wd9CcDtUU5ha7ZQv31wYlv3u-ZyalnS6PZqpLQUDuytRgNUS-jyWOY6tG5iHxIyJ8AtG0zi=s175
blogger.googleusercontent.com/img/a/
12 KB
12 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjWiXAdxHXRsuyhdLWYAvcmHgSayhi7lWQXbhhMpnlqz03dMFqA_jiHg5OLR01x_da6mVmelcUJb5H1FaWg_y05HtXDohlYhEZ9YHveypUU5Eglv2pH5Wd9CcDtUU5ha7ZQv31wYlv3u-ZyalnS6PZqpLQUDuytRgNUS-jyWOY6tG5iHxIyJ8AtG0zi=s175
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
65138a48b724e8ab3a71783ad462dc20ebe73578473396fd8e67034014f98d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v37d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="YANNPMU1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11922
x-xss-protection
0
expires
Tue, 30 Jan 2024 11:35:34 GMT
prono.gif
img.webme.com/pic/t/turfologie/
19 KB
20 KB
Image
General
Full URL
https://img.webme.com/pic/t/turfologie/prono.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
9ad1049fcb759fc4f80bac0b8e7872eb695c31e52cc1740f3c3684976109691c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Sun, 04 Jan 2015 19:31:40 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
10024
ETag
"54a9951c-4d31"
X-Varnish
258939715, 482018273 478788434
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19761
links.gif
theme.webme.com/designs/red/images/
661 B
1 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/links.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1ab0b4fe8e006ad238509e6f8649d1eb27057e01b85be4f71d7e38494167a10c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
422
Content-Type
image/gif
X-Varnish
282281306, 480743732 481027365
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
661
Expires
Mon, 11 Mar 2024 11:28:31 GMT
main_bg.gif
theme.webme.com/designs/red/images/
2 KB
2 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/main_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
3afaa830a3aa5d42db9b5201fff4a3345c6f64054f0930e4daf4831b85922137

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
243
Content-Type
image/gif
X-Varnish
302233996, 461431453 476825016
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1544
Expires
Mon, 11 Mar 2024 11:31:31 GMT
page_main_bg.gif
theme.webme.com/designs/red/images/
2 KB
2 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/page_main_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
5e37d2be701c29dad961e773416506081bb5bffc923fee65e0312fdc09b31128

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
379
Content-Type
image/gif
X-Varnish
301631220, 482018287 478293226
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1609
Expires
Mon, 11 Mar 2024 11:29:15 GMT
navi_bg.gif
theme.webme.com/designs/red/images/
8 KB
8 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/navi_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
109f6b3eb28407f4550623d2b245d13786479e7e9e731b78a3c063b25696d766

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
379
Content-Type
image/gif
X-Varnish
300662064, 482018281 480124335
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8181
Expires
Mon, 11 Mar 2024 11:29:15 GMT
navhead.gif
theme.webme.com/designs/red/images/
306 B
718 B
Image
General
Full URL
https://theme.webme.com/designs/red/images/navhead.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
423c559de3422e758482c643fe8e464dc9aa3a4796de6aeac7b5eb7097aee345

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
378
Content-Type
image/gif
X-Varnish
279955018, 482018283 480458943
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
306
Expires
Mon, 11 Mar 2024 11:29:15 GMT
button_bg.gif
theme.webme.com/designs/red/images/
3 KB
4 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/button_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
48438a48bfcec8017ece6d6b4d132be283fe7ff7d07190211ad3b3def726cce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
379
Content-Type
image/gif
X-Varnish
301631224, 480743722 478293233
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3551
Expires
Mon, 11 Mar 2024 11:29:15 GMT
cont_bg.gif
theme.webme.com/designs/red/images/
1 KB
2 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/cont_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
8f43a236fa4ace8a54fdae64ae08c47b986ce6011b3a7dda873fead7700590de

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
379
Content-Type
image/gif
X-Varnish
301631222, 480743718 476824177
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1482
Expires
Mon, 11 Mar 2024 11:29:15 GMT
cont_head_bg.gif
theme.webme.com/designs/red/images/
6 KB
6 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/cont_head_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
a6499fa2053ae92d979b0ee3d129d94b1b42427cce83c3579da01e1df1e03333

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
379
Content-Type
image/gif
X-Varnish
302424428, 461431455 480556256
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6138
Expires
Mon, 11 Mar 2024 11:29:15 GMT
cont_bottom.gif
theme.webme.com/designs/red/images/
4 KB
4 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/cont_bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
23d7ce986c8d9b7e7a58cffb62d3592d91343e152fe4de7cffa87a2c1af591e1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
759
Content-Type
image/gif
X-Varnish
301370843, 480743742 476411410
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4031
Expires
Mon, 11 Mar 2024 11:22:54 GMT
bottom2.gif
theme.webme.com/designs/red/images/
1 KB
2 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/bottom2.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
0722ae40df7755ab819b4b15fc12e7368f0baa17b030a3a932ca8675fd72b730

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
64
Content-Type
image/gif
X-Varnish
289791792, 461431465 482050827
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1525
Expires
Mon, 11 Mar 2024 11:34:29 GMT
left_bottom.gif
theme.webme.com/designs/red/images/
129 B
541 B
Image
General
Full URL
https://theme.webme.com/designs/red/images/left_bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
d0172b3d0f42c368dd557f0da5eff0a43e2c82a072d88b9965753d7611e42ece

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
689
Content-Type
image/gif
X-Varnish
301830244, 461431467 480122296
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
129
Expires
Mon, 11 Mar 2024 11:24:04 GMT
bottom.gif
theme.webme.com/designs/red/images/
2 KB
2 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
d5a8b97841a922e387c50ea7812a8a5fe25499bd8b9487d11dafbcd1eaf4f12e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
689
Content-Type
image/gif
X-Varnish
297815901, 461431469 480122299
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1957
Expires
Mon, 11 Mar 2024 11:24:04 GMT
221468_frame.php
www.linkredirect.biz/b-images/ Frame 3E26
3 KB
1 KB
Document
General
Full URL
https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-1558107153-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaYjW15uZxXKXm2ycZQ%253D%253D&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaojW15uZxXKXm2ycZQ%253D%253D&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNka4jW15uZxXKXm2ycZQ%253D%253D
Requested by
Host: pubdirecte.com
URL: https://pubdirecte.com/script/banniere.php?said=132891
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.142.100.82 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
ofwallet.bestpaths.net
Software
Apache /
Resource Hash
a4404de08dd9d3e5cc8d686d0cca9171327724ea9e1aeb3b4d1adeba61d39923

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
834
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 11:35:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
X-ssl
1
truncated
/
127 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b7addddf8ff620b9e0449bedae9a17f259c4356f1d046a9c4037b3a8dfb4090

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
103839-200x90.js
www.cpmaffiliation.com/
0
0

eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=
asrv205.com/adframe/ Frame A94E
2 KB
1 KB
Document
General
Full URL
https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77cd5f831df132de38f64f7962efccaf024e928ed409484220ff30eb80806ec6

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84d12c26dc45d6de-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAduD5kl9GuuuMfQQfUg8NT%2B4nP7DEwqlqCu11PKhnI8hq4Nk%2B%2BL9a3XGMsPDlPXZ7DCa3b7NTpxgG%2BBktbKpoRY0p0FhZyqI3K2jNDU%2BvZ3%2FK4%2FOioYIwC9s8xJERXF0n%2FQwt8R6alHUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/
233 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
left_bg.gif
theme.webme.com/designs/red/images/
16 KB
17 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/left_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
2473cc965138dc8812b4d0c859cfc515520053140ee238d90bbf8cdf0c78aae5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
379
Content-Type
image/gif
X-Varnish
300662062, 461431459 480556247
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16492
Expires
Mon, 11 Mar 2024 11:29:15 GMT
left_bg2.gif
theme.webme.com/designs/red/images/
23 KB
24 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/left_bg2.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
2add0e4009bce96985012f6401fd770a91e3cf4e88baf75196e5cf82574aa3c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
379
Content-Type
image/gif
X-Varnish
302424420, 480743734 480124338
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23961
Expires
Mon, 11 Mar 2024 11:29:15 GMT
head.gif
theme.webme.com/designs/red/images/
285 B
698 B
Image
General
Full URL
https://theme.webme.com/designs/red/images/head.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
4d06e8fc97b79c64e8ee6f4b18ab1f8a87e5152e67626175fbdd8d1be134a29c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
93573
Content-Type
image/gif
X-Varnish
28786548, 480743740 461001983
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
285
Expires
Sun, 10 Mar 2024 09:36:00 GMT
top.gif
theme.webme.com/designs/red/images/
2 KB
2 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/top.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
c93fecb64ed5d07ff64c5c4fc58e93c4db668ffc72bff3161685e1bd8f3a7a62

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
93573
Content-Type
image/gif
X-Varnish
33991771, 480743738 463279906
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1729
Expires
Sun, 10 Mar 2024 09:36:00 GMT
main.gif
theme.webme.com/designs/red/images/
1 KB
2 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/main.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
f37f49ebadc359e8c6cc15bee36eafa51f6823c2cb397677a7b5c0f9b7aa84d0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
93573
Content-Type
image/gif
X-Varnish
28786552, 480743736 411163775
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1215
Expires
Sun, 10 Mar 2024 09:36:00 GMT
rechts.gif
theme.webme.com/designs/red/images/
653 B
1 KB
Image
General
Full URL
https://theme.webme.com/designs/red/images/rechts.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
30cb2bc81a65120d2d982b5c00d9172887eedc6ba3070b4595efc676c0188eee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
542
Content-Type
image/gif
X-Varnish
302041572, 461431463 477748426
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
653
Expires
Mon, 11 Mar 2024 11:26:31 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/
405 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aafb3e97dc39ce5ce919ebfd1135204868b9cfe049e4651d63b693fada871f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140753
x-xss-protection
0
server
cafe
etag
8506950359783300315
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 11:35:34 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 155D
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
42897
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 23:40:37 GMT
etag
3890843268177463596
expires
Sun, 11 Feb 2024 23:40:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logo_120.png
www.linkredirect.biz/image/ Frame 3E26
2 KB
2 KB
Image
General
Full URL
https://www.linkredirect.biz/image/logo_120.png
Requested by
Host: www.linkredirect.biz
URL: https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-1558107153-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaYjW15uZxXKXm2ycZQ%253D%253D&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaojW15uZxXKXm2ycZQ%253D%253D&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNka4jW15uZxXKXm2ycZQ%253D%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.142.100.82 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
ofwallet.bestpaths.net
Software
Apache /
Resource Hash
5ae7a1adba46f58f5d59595820d30f22673c04f6f3b54ae1f220a4a49cc7ec6c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-1558107153-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaYjW15uZxXKXm2ycZQ%253D%253D&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaojW15uZxXKXm2ycZQ%253D%253D&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNka4jW15uZxXKXm2ycZQ%253D%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:34 GMT
Last-Modified
Fri, 29 Dec 2017 18:02:08 GMT
Server
Apache
ETag
"21da3ad8-7bf-5617e6e4f0800"
X-ssl
1
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1983
tagpdis.php
www.1clic1don.fr/ Frame 8A09
6 KB
3 KB
Document
General
Full URL
https://www.1clic1don.fr/tagpdis.php
Requested by
Host: www.linkredirect.biz
URL: https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-1558107153-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-1558107153-45567-18-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D37578438%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaYjW15uZxXKXm2ycZQ%253D%253D&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNkaojW15uZxXKXm2ycZQ%253D%253D&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9qZZZtk5Nqlmhnj5VuaGtwZmSbYMiTkquPmJNka4jW15uZxXKXm2ycZQ%253D%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b5be285db123caeea39eeca44e1fad72eac7fc665eebee0908eda167111ee8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.linkredirect.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84d12c278f8a3cdd-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umM%2BnPMNtSHReaEN%2F9Mq13jFCSF8HQfgcyQTaVxF4M1iMn2YouoyDxalNf2H2mcuNB8dfMLe0ZOIm1emybRHigWth%2FcpUZJtDWoHiCS8%2Fd9xLGgOWupUF7Nt7tOcJJZvOj56mjdYdHy79HMjwexW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000
2023-12-13-Banner-Adcell-ICONS-300x250px.jpg
www.mr-shop.de/blog/wp-content/uploads/2023/12/ Frame A94E
Redirect Chain
  • https://t.adcell.com/p/image?promoId=364263&slotId=105746
  • https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg
33 KB
33 KB
Image
General
Full URL
https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Server
87.118.71.104 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
s4007.hqgmbh.eu
Software
Apache/2.4.46 (Ubuntu) /
Resource Hash
461883ddb966b115df5d132b4d91bbf74e88a676b29a3e56c12a78c62da8020c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://asrv205.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
last-modified
Fri, 15 Dec 2023 08:12:34 GMT
server
Apache/2.4.46 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
33602
expires
Tue, 28 Jan 2025 11:35:34 GMT

Redirect headers

date
Mon, 29 Jan 2024 11:35:34 GMT
strict-transport-security
max-age=15768000
server
myracloud
content-type
text/html
location
https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg
cache-control
max-age=0
content-length
0
expires
Mon, 29 Jan 2024 11:35:34 GMT
view
t.adcell.com/p/ Frame DC26
42 B
420 B
Document
General
Full URL
https://t.adcell.com/p/view?promoId=364266&slotId=105746&pv=1
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
content-type
image/gif
date
Mon, 29 Jan 2024 11:35:34 GMT
expires
Sat, 11 Jan 2003 12:59:00 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
pragma
no-cache
server
myracloud
strict-transport-security
max-age=15768000
eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN...
fwdtrk.com/track/ Frame 1928
1 KB
2 KB
Document
General
Full URL
https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNjUyODEzNH0%3D
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.183.9.176.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 11:35:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
widget.min.js
arc.io/ Frame 8A09
7 KB
3 KB
Script
General
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-78.muc50.r.cloudfront.net
Software
/
Resource Hash
30396828f2c2fb5e4e4d9c26b0286552cf17243411ac0d5d8b97e1fd9a7595c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:39:00 GMT
content-encoding
br
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 03 Jan 2024 18:03:16 GMT
x-amz-cf-pop
MUC50-P2
age
3394
etag
"6595a164-b86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
content-length
2950
x-amz-cf-id
Ml4TKz6M36r2R5fmAp0udE9sjAngdQYJ27YdkUBu5V0bcGv5Qzhysw==
style.css
www.1clic1don.fr/style/ Frame 8A09
163 KB
26 KB
Stylesheet
General
Full URL
https://www.1clic1don.fr/style/style.css
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2cbc3a472cb47beaa472ef9445e776bb6f053b311318948d7ebbffda0e02bfc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/tagpdis.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Jul 2019 15:22:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6172
etag
W/"28b20-58d7d7a8c8304"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmKQ%2B8fySYhhtGEUOjRJ%2BK7BU7oUWh7b2QVAOWnOzJAz9x2c6lLC%2F%2FBqksnwlR%2BAf1ldw59fBUq0%2FTmMXc3htSL728HgbnB4jZhgK0AcO5b3kNziryRUIhoOMzkZt7VGeOBZY8z%2FxSkR5kfu%2FHZB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84d12c2818543cdd-CDG
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
www.1clic1don.fr/js/ Frame 8A09
36 KB
10 KB
Script
General
Full URL
https://www.1clic1don.fr/js/bootstrap.min.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/tagpdis.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 23:32:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5997
etag
W/"9004-58ab0224731cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3lHgFryCKyLDaOZM2OKlBFbwFxDzlADmtp3rg9uQJnrzuv1Ep1KH%2FmemgSn5N3FSClZcUC1mjZ8e%2FW0nI1d4tUnt1IesCkVcKFJWmOYz3q8T6obfogbNtqrLIwOwz7%2FdkG2F4ax1Q4yJ9XxnBRQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84d12c2818563cdd-CDG
alt-svc
h3=":443"; ma=86400
ads.js
admediatex.net/serve/ Frame 8A09
1 KB
988 B
Script
General
Full URL
https://admediatex.net/serve/ads.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1713654
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 31 Dec 2023 15:38:35 GMT
server
cloudflare
etag
W/"65918afb-449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbBEk0bcj6QXPGW8s16x67Uj88t74oBFnUyH3QMQryKA7Rm1fO3tB8Q4LQZ2u0vrpUj7F6lXkeqzBAnCdCsksjCB%2Bu6ydo%2FznpOQCH5nNtmSYitJntKKHnjxzblpBAGYCMR0RlNfQcU3b4p5sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
84d12c286cd299c8-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
track
fwd.fwdtrk.com/ Frame 1928
0
0

d
visifeed.org/ Frame 105C
405 B
736 B
Document
General
Full URL
https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNjUyODEzNH0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
e8e88ed8a0b60995b8410a5427bef8700c4368735a23c9afd6908f6ff3fcf5a6

Request headers

Referer
https://fwdtrk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 11:35:34 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
05062506-9717-4396-b66a-19d63c417f0b
campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/ Frame 690D
Redirect Chain
  • https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e
  • https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b
  • https://collecte.numeo.acpm.fr/track?link=22026&n=20240119&cible=https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
  • https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
2 KB
1 KB
Document
General
Full URL
https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
773fe71364d7c47fe5970d37a4b183ce6c60dd214745af7ae7ea3c37ec40b8e8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-headers
Content-Type, Access-Control-Allow-Headers
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:35 GMT
etag
W/"8c8-Eo83dtRD9C7lrm+ElxrSoAotGDI"
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
274
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:34 GMT
location
https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
server
nginx
vary
Accept
x-powered-by
Express
x-robots-tag
none
/
adnade.net/ptp/ Frame 86ED
8 KB
3 KB
Document
General
Full URL
https://adnade.net/ptp/?user=pas30
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
55df3c8eb1080098bd62f7ad163e39294b4c5576941a241686c909f7e36dd8e5

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
charlevoixpro-bold-webfont.woff2
www.1clic1don.fr/fonts/ Frame 8A09
22 KB
23 KB
Font
General
Full URL
https://www.1clic1don.fr/fonts/charlevoixpro-bold-webfont.woff2
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/style/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96bf06d27816ef7237fe7998dab7276e073559337e0f3e8a55514f7f1046307
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.1clic1don.fr/style/style.css
Origin
https://www.1clic1don.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2835
alt-svc
h3=":443"; ma=86400
content-length
22524
last-modified
Thu, 06 Jun 2019 23:14:59 GMT
server
cloudflare
etag
"57fc-58aafe2079f9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=No9p8MaYW0NUXl6tORwrCTlLPgE5y2eN%2BdfHKuH7Izsfnz4ibZCClxTrINJC%2B9c3RUR7ljwIg9kT%2Fi6jb%2BTbhtw4HZ46kOW8Ky8VKGaNmYnYAgXfmbe6F7vYdX0iFn7e%2BXqiih4zfTcVoF55Rb2%2B"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84d12c285b09d6c6-CDG
ads
googleads.g.doubleclick.net/pagead/ Frame 752B
357 KB
79 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&adk=1812271804&adf=3025194257&lmt=1706528134&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706528134162&bpp=2&bdt=209&idt=299&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1130722925840&frm=20&pv=2&ga_vid=1710743544.1706528134&ga_sid=1706528134&ga_hid=1899791877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C95322181%2C95320868%2C95321626%2C95322162%2C95322388%2C95323006&oid=2&pvsid=4094453865082594&tmod=1992434807&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=310
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
526f9e51eb53bfdfdc6de46e24e8cf1097861f6d9592aedff82cc0174099d7b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
80501
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 11:35:34 GMT
expires
Mon, 29 Jan 2024 11:35:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show.php
adz2you.xyz/serve/ Frame 919E
0
0
Document
General
Full URL
https://adz2you.xyz/serve/show.php?a=33&b=468x15
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-ray
84d12c290bab3cf5-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B3ye4VsvNYTxj83g5wNdLv%2B73ahnWw70Eao5iCAgxeFcKWGpwbox8Toyb5EZZ%2BN%2F2LmFXxr%2BwZvILackOI0gBNzOSDyFDJ7XBe1398vXnvuE01z5QlwasNL5tZsG8v6Jlt6F9UQlBs1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
show.php
adz2you.xyz/serve/ Frame 7C86
10 B
365 B
Document
General
Full URL
https://adz2you.xyz/serve/show.php?a=33&b=236x15
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
887ee4fd5820088063e31ee2e61869155c1438e27e9f1b116d8fe3bf60829ea7

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84d12c290baa3cf5-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GizS3ZSt%2ByrKNgXYSO5E8Xk3Skpi%2Fih39mwiPW5gTv%2BG%2FnQttnh2j%2FHilTBWr44bkd3L6o0uX7h%2FGE%2BsaJxL%2B8nsv%2Fj6tpAXj1LwVJa8XASVK6TjaRO8jaTjOXHp%2FKVD0JbgTyvKHxLog%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
main.js
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 3862
Redirect Chain
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB
Script
General
Full URL
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d101c1a0d579f418a66e054a403dff556c002ad77a7543b75a379cbdc91b014
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrlPhUYqITdqsGhzjw%2FAodF87yj5uwY3L%2B7VhhaTZuWMVed8Z5K6f7lBa9qKvyU%2F9wd4n9eNOOQAMJnBMQlBi3%2BlwyIx0AoCr2cy4MBWZkRxE5fnzOALkX4bNfgk%2FQRTAOoavJ%2Bl2vE8TDeq5P50"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84d12c28dba6d6c6-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 Jan 2024 11:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUQELsEUhSTXpgAnLzf7o9jXQphsqzJHGqZsvz9VvqfYT9kORTpuWGjmJ8bzshDgqgSIsaWaTX0tTP%2FeskXrdFpDU4feQK3EwgSCO0LVaGDWm1KRO5OTGRp97KhS6hkE3R6rarnMyIpWYQCCpUGy"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84d12c28ab54d6c6-CDG
alt-svc
h3=":443"; ma=86400
core.js
static.arc.io/widget/js/ Frame 8A09
310 KB
104 KB
Script
General
Full URL
https://static.arc.io/widget/js/core.js?76bc4f3
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
cdd2c81aadd2f0eeb770acc7652cf1c421271c05886f0ef337264c6fada0e142

Request headers

Referer
Origin
https://www.1clic1don.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
84H5Q0PRTFWMFCBH
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:40
cdn-pullzone
786569
x-amz-id-2
mpCaAwlRr9RTvSWc/fMd30v0iKgP+j3JdUxqhlqAyByPto962Rhtjyn3w2c/z4Fv/imGKhjXHNQ=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"eccc534be4c6f4d98fcd62e2d4fd5a4e"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
f781d70d4ed56dd8c3aef79da662f29e
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
broker.html
core.arc.io/ Frame 366A
2 KB
1 KB
Document
General
Full URL
https://core.arc.io/broker.html?76bc4f3
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=2592000
cdn-cache
HIT
cdn-cachedat
01/03/2024 19:10:38
cdn-edgestorageid
1080
cdn-proxyver
1.04
cdn-pullzone
786568
cdn-requestcountrycode
FR
cdn-requestid
39465ed84829a8dfed1529f035c25e07
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 11:35:34 GMT
etag
W/"64331d06-612"
expires
Fri, 02 Feb 2024 19:10:38 GMT
last-modified
Sun, 09 Apr 2023 20:16:06 GMT
server
BunnyCDN-DE1-1082
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
i
visifeed.org/ Frame 105C
410 B
735 B
Document
General
Full URL
https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a612b&ci=yCbq1Ov%3B&its=9F%5Bt%2ALp5e%3DbA%7DQD%3BxkPWbU%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
d4174f8315dd02c68b8b7c727381fafe4c646f0862d6f31c7450f03685771e7f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 11:35:34 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
logo.png
adnade.net/images/ Frame 86ED
21 KB
21 KB
Image
General
Full URL
https://adnade.net/images/logo.png
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d0963e266a793bcf10ba3e5e75fd4a8f3cce1eab2d2899cbb741079edbdcdb18

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Dec 2023 03:50:38 GMT
server
nginx
etag
"657a7b8e-543e"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
21566
expires
Tue, 28 Jan 2025 11:35:34 GMT
ptp.png
adnade.net/ptp/ Frame 86ED
343 B
581 B
Image
General
Full URL
https://adnade.net/ptp/ptp.png
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:11 GMT
server
nginx
etag
"651b7317-157"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
343
expires
Tue, 28 Jan 2025 11:35:34 GMT
jquery.js
cdn-binance.com/ Frame 86ED
763 B
531 B
Script
General
Full URL
https://cdn-binance.com/jquery.js?de=idg1W46L9F2rAEUV
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
787d44653b810f39b2ed4065d59e7a23d83af7ce4686de0bca2147c3147718b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*, *
x-xss-protection
1; mode=block
jquery-3.6.4.min.js
adnade.net/ptp/ Frame 86ED
88 KB
36 KB
Script
General
Full URL
https://adnade.net/ptp/jquery-3.6.4.min.js
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
f4302dca380ee69b5fc3ac2db66bd9838c5ba6f34373e6442dc3d2d14b6f187c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Dec 2023 20:17:08 GMT
server
nginx
etag
W/"65907ac4-15e6a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 28 Jan 2025 11:35:34 GMT
consent.js
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame 86ED
2 KB
2 KB
Script
General
Full URL
https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1082 /
Resource Hash
778aa4b81cf3e0bbfccde36672efafd9df4de3e3c16c9aa679c1129bae4f543f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-164
cdn-cachedat
01/27/2024 20:53:33
cdn-pullzone
236985
visitor-location
FR
last-modified
Tue, 09 Jan 2024 01:15:22 GMT
server
Cookie First CDN-DE1-1082
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"659c9e2a-960"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=30
cdn-requestid
c3ca65dbe6ea791f19c3ff50d93b27b0
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
/
sparkasse-fickmuehlen.de/partner/ Frame 05A0
333 B
531 B
Document
General
Full URL
https://sparkasse-fickmuehlen.de/partner/
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h115.hubuhost.com
Software
nginx /
Resource Hash
aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adnade.net/ptp/?user=pas30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-length
333
content-type
text/html
date
Mon, 29 Jan 2024 11:35:34 GMT
etag
"63e99d0e-14d"
last-modified
Mon, 13 Feb 2023 02:14:38 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
84d12c278f8a3cdd
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3862
0
596 B
XHR
General
Full URL
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/jsd/r/84d12c278f8a3cdd
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWepEFHl2GuFKYxel28mnt8MQFVhaU2cSaeYE7mS08%2BVn4Kko368tC8ThSNrBqF85AFxNJRRj7BLR7R1MI2e8b6%2BplxD4iUaFuzp3%2BD8odx5hYI2tsAH1jgMp%2BoWc03U%2FeNEblUOdrE89Cp7xaCx"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
84d12c296c5bd6c6-CDG
alt-svc
h3=":443"; ma=86400
page_bg.jpg
adnade.net/images/ Frame 86ED
2 KB
2 KB
Image
General
Full URL
https://adnade.net/images/page_bg.jpg
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
fd6bf4f74881850baa384bed84f6dfb9b5258c6771524a4a226b2b344a61f096

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:07 GMT
server
nginx
etag
"651b7313-6f1"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1777
expires
Tue, 28 Jan 2025 11:35:34 GMT
main_bg_oben2.gif
adnade.net/images/ Frame 86ED
3 KB
3 KB
Image
General
Full URL
https://adnade.net/images/main_bg_oben2.gif
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
aba329695897af7bffa4d282dcf3573d0463f847a01f28efe7c41aa51beb41ee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:07 GMT
server
nginx
etag
"651b7313-c00"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3072
expires
Tue, 28 Jan 2025 11:35:34 GMT
main_bg_mitte2.gif
adnade.net/images/ Frame 86ED
1007 B
1 KB
Image
General
Full URL
https://adnade.net/images/main_bg_mitte2.gif
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
843cf53ffec1cba4d93bc2bcc54e6570b7995d1be89015902df534357b9268b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:07 GMT
server
nginx
etag
"651b7313-3ef"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1007
expires
Tue, 28 Jan 2025 11:35:34 GMT
d
visifeed.org/ Frame B59B
347 B
670 B
Document
General
Full URL
https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&ci=yCbq1Ov%3B&its=9F%5Bt%2ALp5e%3DbA%7DQD%3BxkPWbU%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a612b&ci=yCbq1Ov%3B&its=9F%5Bt%2ALp5e%3DbA%7DQD%3BxkPWbU%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
a1d4d8ee7ff5c687ce310fa85f4172bdc750268aa1932b27d253ad06dc40dc1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 11:35:34 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
broker.9e6bf337.js
static.arc.io/broker/js/ Frame 366A
24 KB
10 KB
Script
General
Full URL
https://static.arc.io/broker/js/broker.9e6bf337.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
VFMJQ29D7NCVQTAE
x-amz-server-side-encryption
AES256
cdn-cachedat
01/27/2024 02:41:53
cdn-pullzone
786569
x-amz-id-2
vTnPnrQa2vTgcx4s0KUdzt96RSGuJ2/aH4i5MOF1beL89G+WldYp4jf+acBkk+uN8wjSO97tnSw=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"0f4be176d7381439a060ff326b994fd2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
0dc51d02df7596a59996ef353a3025a1
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
chunk-vendors.5e1d8045.js
static.arc.io/broker/js/ Frame 366A
49 KB
20 KB
Script
General
Full URL
https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
Y12498A8TBSCT926
x-amz-server-side-encryption
AES256
cdn-cachedat
01/27/2024 09:26:29
cdn-pullzone
786569
x-amz-id-2
xqRTAzvE1u/8PHJIYANpfohlUQmAfWVgm8VEYSVSN0+5Vkpr+/V39OtgyNKsiruncykLq6MMniI=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"c78a505ea0c6b4622562567efbbeb847"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
0d7260eeefb2f7a951643b136f61e0b9
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 366A
0
5 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
9WD718SH73SSHMZ7
x-amz-server-side-encryption
AES256
cdn-cachedat
07/07/2023 01:52:40
cdn-pullzone
786569
x-amz-id-2
jwrzNVpxy+i1mS/N/l577v4ox+ukfrpjgmX4rF76e9TSPHNoYO0CdjMI3zyK1afVCHGm3nd2C84=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"1343454a1c763177d59f06c307b3a5a2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
29adac7a42e8573837f37aa56dbbc864
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 366A
0
16 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
CP6YZNWNJJ5KYQVA
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 19:02:36
cdn-pullzone
786569
x-amz-id-2
+F65twGIouACOFn4YbfAePvhu7ePLb4OU3MlB/hdk9Ad1mG/m3PJjcaei5Pdxavr48zibokx+xI=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d03c11be3537746519138d1fe06bd033"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
cec0d2f46191cb3e19f21a0dc9f9263c
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
/
deli.misaglam.com/prepare/channel/ Frame 00AF
424 B
484 B
Document
General
Full URL
https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Requested by
Host: sparkasse-fickmuehlen.de
URL: https://sparkasse-fickmuehlen.de/partner/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h115.hubuhost.com
Software
nginx /
Resource Hash
e9fc8d6674aeafb947323cae49be6b79b03e4b1d11bd0c93d447e347016f6a81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sparkasse-fickmuehlen.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
embed.chatlotto.de/ Frame F9C7
701 B
625 B
Document
General
Full URL
https://embed.chatlotto.de/?chatroom=93b4e8d7dbbfe0e6
Requested by
Host: cdn-binance.com
URL: https://cdn-binance.com/jquery.js?de=idg1W46L9F2rAEUV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
2c9836a2a41cf3afb88e1ec7eb190dfab7ca158f0dea35953121b798559c6d4d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
* *
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
2276544
ad.a-ads.com/ Frame 2EA7
13 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.152.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.152.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
a0750d4493debc5e7f2ba3efde7073f485c0db4f4745da0435ad51d4013173bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 29 Jan 2024 11:35:34 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
/
deliver.adnade.net/ Frame 904D
2 KB
973 B
Document
General
Full URL
https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8b0019948b179d30e954e6f85ffcca80332b44108ae41ef36789032420c55ee4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
index.php
adnade.net/ptp/ Frame 86ED
4 B
156 B
XHR
General
Full URL
https://adnade.net/ptp/index.php?tsp=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86b&a=d71b4f77d30aa54611fe43ab573c0891&d=1706528134678
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/jquery-3.6.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
561b2814d3c09e62a92442c946307918f7f63f833c84876c08bd4c406767e53b

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
matomo.js
tool.hubu.link/ Frame 86ED
64 KB
25 KB
Script
General
Full URL
https://tool.hubu.link/matomo.js
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 10:11:46 GMT
server
nginx
etag
W/"6565bce2-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 28 Jan 2025 11:35:34 GMT
banner.no-autoblock.js
consent.cookiefirst.com/ Frame 86ED
63 KB
24 KB
Script
General
Full URL
https://consent.cookiefirst.com/banner.no-autoblock.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1082 /
Resource Hash
c854368f432b471ef7531c57e9b49eb1397ed7569dd29de9b7469e83477a6af9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-661
cdn-cachedat
01/28/2024 22:02:30
cdn-pullzone
236985
visitor-location
FR
last-modified
Wed, 24 Jan 2024 08:56:49 GMT
server
Cookie First CDN-DE1-1082
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65b0d0d1-faee"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=300
cdn-requestid
f32585386c8faebe158bb8bd09cc6e6b
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
main_bg_unten2.gif
adnade.net/images/ Frame 86ED
2 KB
2 KB
Image
General
Full URL
https://adnade.net/images/main_bg_unten2.gif
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
97205041759d0463b2c2849f7275898fd81a783165f9ad4b22162b6f2beeceb5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:06 GMT
server
nginx
etag
"651b7312-7f2"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2034
expires
Tue, 28 Jan 2025 11:35:34 GMT
redirect
api.yieldads.net/ Frame B59B
2 KB
2 KB
Document
General
Full URL
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&ci=yCbq1Ov%3B&its=9F%5Bt%2ALp5e%3DbA%7DQD%3BxkPWbU%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/8.2.15
Resource Hash
47e6c644b1ed5dcc9721467011aba1e2d27bed3c90608daddb0a728fb33b4418

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
server
nginx
x-powered-by
PHP/8.2.15
version.json
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame 86ED
44 B
781 B
Fetch
General
Full URL
https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/version.json?v=1706528134732
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1082 /
Resource Hash
f865514efd53f7cda25e74bd902e27fab65f0136ffb541548c5cb3b0fb7f9702

Request headers

Accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-680
cdn-cachedat
01/29/2024 11:35:34
cdn-pullzone
236985
content-length
44
visitor-location
FR
last-modified
Tue, 09 Jan 2024 01:15:22 GMT
server
Cookie First CDN-DE1-1082
cdn-fileserver
382
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"659c9e2a-2c"
content-type
application/json
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=15
cdn-requestid
df969210d289042c4f43096f4c517fec
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
vendors~widget-ui.js
static.arc.io/widget/js/ Frame 8A09
94 KB
36 KB
Script
General
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
EN8SHDNCWNF3PYYS
x-amz-server-side-encryption
AES256
cdn-cachedat
01/26/2024 16:42:07
cdn-pullzone
786569
x-amz-id-2
crCRxd8oqDmHqf4Pg1TLYlSXMMShPi+QquVYvDiWfOqOJvJ0qF//F8ihdJ2ecS2uFOI5Dmit5z0=
last-modified
Wed, 03 Jan 2024 18:03:35 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"de8ab4879bd77ebe629c721339d42f65"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
612b3c90ee035d088a1f7494eb386878
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
widget.css
static.arc.io/widget/css/ Frame 8A09
85 KB
9 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?76bc4f3
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
52Z033ZFWRVC93PR
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
+xYsFsXxcv5akj1qTUKGVTScMCFieylWDhCTi2J1KMuZHZ1lFY2pfSfLahJI8QdM4gog00FYNP0=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a87318705e4af5015dc0246497f2673f"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
74b287a781f5473f81ffd21ea86786af
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
widget-ui.js
static.arc.io/widget/js/ Frame 8A09
41 KB
15 KB
Script
General
Full URL
https://static.arc.io/widget/js/widget-ui.js?6e086999
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
52Z9DTJA7K12XFSG
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
LfzKyva/npq+SoTQIq4nC+dLxvKo4Y6yAqPiyk57eNb+1yziIk2p7JX53hi44P20UWQzBPCRxTc=
last-modified
Wed, 03 Jan 2024 18:03:35 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"932fe4d4a9d62f8d6cdc378aac6e8030"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
584764a9a878adae2118893bdfa16c87
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
empty.gif
adnade.net/ptp/ Frame 904D
43 B
279 B
Image
General
Full URL
https://adnade.net/ptp/empty.gif
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
2c9c5820db6f7a8a6c3912b60454a491326c2712a0db3ba10c751b0bc3816469

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 29 Jan 2024 11:35:34 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:11 GMT
server
nginx
etag
"651b7317-2b"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
43
expires
Tue, 28 Jan 2025 11:35:34 GMT
wgpizbdq.js
ad4m.at/ Frame 00AF
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: deli.misaglam.com
URL: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9455bc7fa2544fea83bbe69418fa2231819e0f57b899aecf711d4e94b7ffb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://deli.misaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 10:48:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2806
etag
W/"f0be4bb62117dc5dfef3ce3dc9072e09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXNnnvzyh9wlK82hsRms9AWTGOPnhmpDrLe574WGsT1MVryCI%2FrD1ZVeb35tWtF1cZa3p41IL58%2BFKuLR5vJtm1ljZVqzanjjekaQkGDKMdduTOr9AdYAKi7iX6Ieiha1W1CilA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
84d12c2ade400473-CDG
alt-svc
h3=":443"; ma=86400
expires
Mon, 29 Jan 2024 10:48:41 GMT
/
eu4-de84.muggel.net/ Frame AF99
Redirect Chain
  • https://billigerscheiss.de/?t=1706528134&ln=1
  • https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
11 KB
1 KB
Document
General
Full URL
https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
ad55fc50b1cf2bf76ee8d73f28be743af90daa4ffdc0ef2e63d0ec3d3342aa11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:35 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
location
https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
/
bitporno.de/ Frame 490D
Redirect Chain
  • https://adnade.net/surfbar/?p=1
  • https://billigerscheiss.de/?g=0
  • https://bitporno.de/
59 KB
9 KB
Document
General
Full URL
https://bitporno.de/
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
d08a2cb9ae91a52aa55f0e1ba880e051ae0950daa52336e5ce6b51e7d4c9f595
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 11:35:35 GMT
etag
W/"657e467c-ec89"
last-modified
Sun, 17 Dec 2023 00:53:16 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:34 GMT
location
https://bitporno.de
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ Frame 2EA7
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 10:46:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 11:35:34 GMT
468x60
static.a-ads.com/a-ads-banners/117614/ Frame 2EA7
166 KB
166 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117614/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.152.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.152.251.148.clients.your-server.de
Software
nginx /
Resource Hash
3d285ed1fe07a83d5e1bf07ea6286563c6f1a34d9fca06fffbebeb5aab9d029a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
x-amz-version-id
RiqlbFUXWzMloNmKcFxQkdDqraCFWLWD
last-modified
Sun, 19 Apr 2020 16:07:32 GMT
server
nginx
x-amz-request-id
MFJRGC03SHXFS7DS
etag
"71fa04f4b751182f94820520d348d289"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
169525
x-amz-id-2
G6tm2PiQLdz5tEwyR5SW+przpt+QBNk56/jsuUoBBNePl+JxLhE8GGPr0DDgSYw0kdYJJmkXw4o=
expires
Thu, 31 Dec 2037 23:55:55 GMT
fp.min.js
api.yieldads.net/js/ Frame B59B
34 KB
12 KB
Script
General
Full URL
https://api.yieldads.net/js/fp.min.js
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 08:21:39 GMT
server
nginx
etag
W/"65b76013-864c"
content-type
application/javascript
location
edge.cookiefirst.com/prod/ Frame 86ED
68 B
469 B
Fetch
General
Full URL
https://edge.cookiefirst.com/prod/location?origin=adnade.net
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
171e2569e608b742edc6927b3285c52256203a6bfbe958f35d78f59639b6fb66

Request headers

Accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
cdn-edgestorageid
1081
cdn-cachedat
01/29/2024 11:35:34
cdn-pullzone
717911
content-length
68
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://adnade.net
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=1200
cdn-requestid
061b11e281409de75c68fff485acb1c8
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
matomo.php
tool.hubu.link/ Frame 86ED
0
180 B
Ping
General
Full URL
https://tool.hubu.link/matomo.php?action_name=AdNade.net%20-%20PTP%20link&idsite=VlA4an6aWb5e&rec=1&r=682615&h=12&m=35&s=34&url=https%3A%2F%2Fadnade.net%2Fptp%2F%3Fuser%3Dpas30&urlref=https%3A%2F%2Fwww.1clic1don.fr%2F&_id=2c67de7b613f5459&_idn=1&send_image=0&_refts=1706528135&_ref=https%3A%2F%2Fwww.1clic1don.fr%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=gtNr2R&pf_net=71&pf_srv=33&pf_tfr=2&pf_dm1=127&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://adnade.net
date
Mon, 29 Jan 2024 11:35:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-credentials
true
server
nginx
x-xss-protection
1; mode=block
myprotein.it
such.de/search/ Frame B59B
Redirect Chain
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
  • https://such.de/y?t=myprotein.it&cid=7b7a19b12a40f5ced872fc6cac809145c7c58491694531408c8b6fb8406dd691&identifier=2b6f4b032d56a189
  • https://such.de/search/myprotein.it
524 B
1 KB
Document
General
Full URL
https://such.de/search/myprotein.it
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.28.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-28-3.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
7c588f1cd3e8533e4cbc5aea523264aba9a0ed9e9e0f54ce31f66988a2fee389

Request headers

Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=d9bbd9ea006b037690b9dfa96ccdeec37cf1aea9b3d007e3c76a8a6e812a6100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://such.de/search/myprotein.it
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33
truncated
/ Frame 2EA7
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 2EA7
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.a-ads.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:34:54 GMT
x-content-type-options
nosniff
age
496841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 17:34:54 GMT
cookie-frame.html
ad4m.at/ Frame 4BDB
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
2615191
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
84d12c2b6ed20473-CDG
content-encoding
br
content-language
en
content-type
text/html
date
Mon, 29 Jan 2024 11:35:34 GMT
expires
Wed, 29 Nov 2023 11:19:10 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wu7vjz07pi%2FiJhqFlikUhLxwBof7%2BXxSp1DJ38m7k0WeZhDk2UmenSgdNjiTiHPYoO3DpT5h7%2BXMojlQ%2FmhcuI4pDHENMufOMCW24USGpajSu1gFmKyfO3blKJVTGSVuTGOJZPA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 366A
45 KB
16 KB
Script
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:34 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
CP6YZNWNJJ5KYQVA
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 19:02:36
cdn-pullzone
786569
x-amz-id-2
+F65twGIouACOFn4YbfAePvhu7ePLb4OU3MlB/hdk9Ad1mG/m3PJjcaei5Pdxavr48zibokx+xI=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d03c11be3537746519138d1fe06bd033"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
d6233dc0cc9216e0e96a4b6668346253
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
rs
ad4m.at/ Frame 00AF
483 B
841 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81050509922a7682daf67564ce2f66b99c8f4074013a5fef0163be3acf342477

Request headers

Referer
https://deli.misaglam.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk6aC%2F8LHjIlmV1LruHnLf2v7Xj556TarkXA1d2ifywLWhlXSRuTs5uS8aqFqJ%2F%2FpxsMcflPhjNClAZ5VwLUijbjHnCVRFQJeTVfC4ZUaZ2TkMNLc78cFpEhTbgePxwSFh66%2BWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://deli.misaglam.com
access-control-allow-credentials
true
cf-ray
84d12c2c1e52d3a3-CDG
x-backend-server
aa-reachservice-group-europe-west1-9lpb
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://deli.misaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://deli.misaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84d12c2bde0bd3a3-CDG
content-length
24
content-type
text/plain
date
Mon, 29 Jan 2024 11:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsrN67HL0ny9r4LEmxY4JHHp0RDEa8z2DM7J0fGlLyXtoqj7iegXqzPl5ME7iOJcSN4cEVPiyaKnyLkAs7JmI4rMlKJxZ5fUANYqgGHLVcmfakl21D0EXKRyI7CRR52rBUitL2k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-9lpb
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a18c8c5d01af4a628131bafde03d7acde117e983419b15497f49a92e6279fc99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57013
x-xss-protection
0
server
cafe
etag
6497177564437715060
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 11:35:35 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7120
706 B
380 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1415116625~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706528135&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706528135057&bpp=1&bdt=1104&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1130722925840&frm=20&pv=1&ga_vid=1710743544.1706528134&ga_sid=1706528134&ga_hid=1899791877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C95322181%2C95320868%2C95321626%2C95322162%2C95322388%2C95323006&oid=2&pvsid=4094453865082594&tmod=1992434807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
810ef899aaf5ddabf470f55c167011ab89473ba84769a938d79924110a95e7c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 873A
706 B
379 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706528135&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706528135057&bpp=1&bdt=1103&idt=1&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1130722925840&frm=20&pv=1&ga_vid=1710743544.1706528134&ga_sid=1706528134&ga_hid=1899791877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C95322181%2C95320868%2C95321626%2C95322162%2C95322388%2C95323006&oid=2&pvsid=4094453865082594&tmod=1992434807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
834ae2223381d42387cb13bd26cf384e637f79dc98d274d470d514b4491ccfc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C31079266%2C44795922%2C95322181%2C95320868%2C95321626%2C95322162%2C95322388%2C95323006&hl=fr&pvc=4094453865082594
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
layout.css
bitporno.de/assets/ Frame 490D
36 KB
9 KB
Stylesheet
General
Full URL
https://bitporno.de/assets/layout.css
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a8bc52c1b7699473e083dba1d954be18c2af142445c326b5442538ac4efdaafa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-9002"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
simple-line-icons.css
bitporno.de/assets/ Frame 490D
9 KB
2 KB
Stylesheet
General
Full URL
https://bitporno.de/assets/simple-line-icons.css
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e6822f9da54ddd31b7fc3c61e47c8b2361daa829adadb3b73d6a02a5a722adf8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-231d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
opensans.css
bitporno.de/assets/ Frame 490D
696 B
910 B
Stylesheet
General
Full URL
https://bitporno.de/assets/opensans.css
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b1b376b967cc897e2299dee4b9d0f57ba4c3593a62dc6d6b40ba96a2bf2145bb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2b8"
content-type
text/css
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
696
expires
Tue, 28 Jan 2025 11:35:35 GMT
jquery-ui.css
bitporno.de/assets/ Frame 490D
27 KB
8 KB
Stylesheet
General
Full URL
https://bitporno.de/assets/jquery-ui.css
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
9a255011f1b90371fe4135b20812d014249d15c0f93f64f72abd3134a1fda1d5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-6c14"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
image-picker.css
bitporno.de/assets/ Frame 490D
639 B
853 B
Stylesheet
General
Full URL
https://bitporno.de/assets/image-picker.css
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b51c93187fa1945ad56bf2b247e9160c0fc045cd21c004a1dee66602cf3cdbc0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-27f"
content-type
text/css
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
639
expires
Tue, 28 Jan 2025 11:35:35 GMT
jquery.min.js
bitporno.de/assets/ Frame 490D
93 KB
38 KB
Script
General
Full URL
https://bitporno.de/assets/jquery.min.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b21c8f20dd5566073d0866d37787af516b358ba2fa72577612380a04c783595a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-175d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
jquery.validate.min.js
bitporno.de/assets/ Frame 490D
21 KB
8 KB
Script
General
Full URL
https://bitporno.de/assets/jquery.validate.min.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f48542aed5e230f43efa681204d1b94af1b66e71cd1be252d5df6aee297f8b20

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-538c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
jquery-ui.min.js
bitporno.de/assets/ Frame 490D
234 KB
77 KB
Script
General
Full URL
https://bitporno.de/assets/jquery-ui.min.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f5a130fae6483ba4fd033c903a29537db75b5c9948193b42c63f20e9996cf384

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:52 GMT
server
nginx
etag
W/"657e4574-3a880"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
jquery.limit-1.2.source.js
bitporno.de/assets/ Frame 490D
577 B
801 B
Script
General
Full URL
https://bitporno.de/assets/jquery.limit-1.2.source.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
2c9bc45b0b427613aee21fad37d3481c180bcec47496e336451f0c7022274d25

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-241"
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
577
expires
Tue, 28 Jan 2025 11:35:35 GMT
jquery.tipsy.js
bitporno.de/assets/ Frame 490D
4 KB
2 KB
Script
General
Full URL
https://bitporno.de/assets/jquery.tipsy.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f454480953e6019ab84b5369452b343428d18f16884f83ec1fa6ff694b5c30a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-106b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
jquery.lazyload.min.js
bitporno.de/assets/ Frame 490D
3 KB
1 KB
Script
General
Full URL
https://bitporno.de/assets/jquery.lazyload.min.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
511b6b281e846aa9ddb481bc88592b025b999d11a448f4f4c1d57c5743482d29

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-ced"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
image-picker.js
bitporno.de/assets/ Frame 490D
5 KB
2 KB
Script
General
Full URL
https://bitporno.de/assets/image-picker.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
0cc33061643ee292b57644ce6232d70326347ec1ff7ade7781dfc1b91dae7913

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-13c1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
simpleUpload.min.js
bitporno.de/assets/ Frame 490D
12 KB
5 KB
Script
General
Full URL
https://bitporno.de/assets/simpleUpload.min.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
0124b61c4e6df0402766c401694f894c3875b8a6c022b5997d3313f106c83b8f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-312a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
new.js
bitporno.de/assets/ Frame 490D
13 KB
4 KB
Script
General
Full URL
https://bitporno.de/assets/new.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
2adcab6f6a7e73d8d54f732e1e35f553bd0d768350f79f747e3951a5366b04a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
W/"657e4573-33b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
logobt.png
bitporno.de/assets/ Frame 490D
8 KB
8 KB
Image
General
Full URL
https://bitporno.de/assets/logobt.png
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1f418c444a9efe0567ec74f94202d33d0e462f3debc5b88eb18c15c732d474fd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-1e21"
content-type
image/png
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7713
expires
Tue, 28 Jan 2025 11:35:35 GMT
us.png
bitporno.de/assets/ Frame 490D
609 B
824 B
Image
General
Full URL
https://bitporno.de/assets/us.png
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-261"
content-type
image/png
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
609
expires
Tue, 28 Jan 2025 11:35:35 GMT
detail_list_icon_grey.png
bitporno.de/assets/ Frame 490D
220 B
434 B
Image
General
Full URL
https://bitporno.de/assets/detail_list_icon_grey.png
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
30f1478485f21c28becc24064c4c611cc546d93dc273edf818a834ec5a8bc765

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-dc"
content-type
image/png
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
220
expires
Tue, 28 Jan 2025 11:35:35 GMT
short_list_icon.png
bitporno.de/assets/ Frame 490D
296 B
511 B
Image
General
Full URL
https://bitporno.de/assets/short_list_icon.png
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
3356bfa621dcadda9484a7ac6a9d702ee41301abe74951602177b91f85883f37

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-128"
content-type
image/png
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
296
expires
Tue, 28 Jan 2025 11:35:35 GMT
player.min.js
bitporno.de/ Frame 490D
220 KB
61 KB
Script
General
Full URL
https://bitporno.de/player.min.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
fa16371a2643975ccaec4345048782965515b8391a9302500d9b8cbed0830995

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 00:47:16 GMT
server
nginx
etag
W/"657e4514-37053"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwatt8tvov3gnhht1sjdfthvtsq2h3it2-12.jpg
bitporno.de/assets/ Frame 490D
16 KB
16 KB
Image
General
Full URL
https://bitporno.de/assets/hkwatt8tvov3gnhht1sjdfthvtsq2h3it2-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
925f925e1bf602978c696597dacc5ec9312041c64ab8223d81821088b86675d7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3e7c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15996
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwatu60h0oke2tqxqr4uviak23wl6tjlv-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwatu60h0oke2tqxqr4uviak23wl6tjlv-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
cda14ccc17b052b930ef0688cc893d17861baa61753d6e9abc6f9009fd7e8fb0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2c85"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11397
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwatv9eomk1dmzzgmcxomxbkqubvcdywf-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
9 KB
Image
General
Full URL
https://bitporno.de/assets/hkwatv9eomk1dmzzgmcxomxbkqubvcdywf-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
4a3596ac1a9aaf77a7b247c7d78944f5307a4157b02c637b67c71ff8714dd542

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-24f0"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9456
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwatwgtu8cwjyammz77v5fpexvows3rdu-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
9 KB
Image
General
Full URL
https://bitporno.de/assets/hkwatwgtu8cwjyammz77v5fpexvows3rdu-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
382626163e578f35ed52c94bbd5720323c0ce4bfaa29d6d404577894e9f8227d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-24c1"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9409
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwatxcqumsbymnapajqhlw45gd4vc7rbm-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
9 KB
Image
General
Full URL
https://bitporno.de/assets/hkwatxcqumsbymnapajqhlw45gd4vc7rbm-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f0249baeebadb2d33ae7d85090355fdb47e4d5101c3fda204b8f00b396a4f831

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2509"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9481
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwasrr6amddyaouiy3k8lakzgush7svee-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
9 KB
Image
General
Full URL
https://bitporno.de/assets/hkwasrr6amddyaouiy3k8lakzgush7svee-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f775322b10573e574fc3cb9f8ae4c8f890e9d73474c3489cfe815aecddeafd4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-22b0"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8880
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkoa5ip1y1gqcnh3de4ogdhjcpoxcbqy2l-12.jpg
bitporno.de/assets/ Frame 490D
12 KB
13 KB
Image
General
Full URL
https://bitporno.de/assets/hkoa5ip1y1gqcnh3de4ogdhjcpoxcbqy2l-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f8e46b73cfb8c4f8cb2a7b1fcfe26bc6811bdaa59a45962c5028f5fb9ef5e12e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:50 GMT
server
nginx
etag
"657e4572-314c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12620
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwarq6oxg43cykrfvc0dr8fhm5rspp5wy-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwarq6oxg43cykrfvc0dr8fhm5rspp5wy-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
37a3a67382c030e972bc0694d6d0628410b82c9ed3235d3424e6d1cf0931dc1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2a61"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10849
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwapnmu89rlmmcsd8z8d8oje8whiavrwu-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwapnmu89rlmmcsd8z8d8oje8whiavrwu-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
4169907e3ffd9950d6d37067050ad613eece0e7c723cc35eb6a7ec9cd4087ab1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2932"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10546
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwapoixd2kvpla3z6vpt5hcxdmov0ymjf-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwapoixd2kvpla3z6vpt5hcxdmov0ymjf-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
0df4bc56f49b9416349558d709ac73832ec911c652ead56eb2cfd1d58ad56a9c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2ad8"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10968
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwappl4wblmqy9h5fk367ikai2aw3aeut-12.jpg
bitporno.de/assets/ Frame 490D
8 KB
8 KB
Image
General
Full URL
https://bitporno.de/assets/hkwappl4wblmqy9h5fk367ikai2aw3aeut-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
78b4b0a8d79871622d9506890d2cd5764fd937e24d99133d42d30851083d2d53

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:52 GMT
server
nginx
etag
"657e4574-211d"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8477
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwapqetqerlqob3pyznnkdzif3qkex7rq-12.jpg
bitporno.de/assets/ Frame 490D
13 KB
13 KB
Image
General
Full URL
https://bitporno.de/assets/hkwapqetqerlqob3pyznnkdzif3qkex7rq-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
09e5aa67fb5fbd8a3f2f42bceff88b46b3f1fe5259144b529f01f0bd4b0fbced

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-329a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12954
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwapr9cwaodxpjxj67yyqtj5oyf2ivghc-12.jpg
bitporno.de/assets/ Frame 490D
14 KB
14 KB
Image
General
Full URL
https://bitporno.de/assets/hkwapr9cwaodxpjxj67yyqtj5oyf2ivghc-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
9718582cf0d10e9d0ed8be3781dba0969b8a7f07b7a17dbafd4544e36f6d5090

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3901"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
14593
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwaom8xbhghohcveoz3co9mxadckfovso-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
10 KB
Image
General
Full URL
https://bitporno.de/assets/hkwaom8xbhghohcveoz3co9mxadckfovso-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
9ef4eb999d7dc95df9aab67fa54ce4c856555c3512b4e59e126460811031b03c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2545"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9541
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwanki28s1lzqhxw5tazha0elfnqilqp3-12.jpg
bitporno.de/assets/ Frame 490D
15 KB
15 KB
Image
General
Full URL
https://bitporno.de/assets/hkwanki28s1lzqhxw5tazha0elfnqilqp3-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
7959ebc8003d0baf6009bb9d71f98364429689466ecffea56256b6974afd6cb4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3c01"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15361
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwalhtgqoqkjfs8ilebh0rtpekrxme9tq-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
9 KB
Image
General
Full URL
https://bitporno.de/assets/hkwalhtgqoqkjfs8ilebh0rtpekrxme9tq-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
42c8bf7a875c847e20137487a20e5a6aac836b56e63ea352febc3b616bebe1d5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-224b"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8779
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwalix2587ooegzjsckctdekiffabij4y-12.jpg
bitporno.de/assets/ Frame 490D
12 KB
12 KB
Image
General
Full URL
https://bitporno.de/assets/hkwalix2587ooegzjsckctdekiffabij4y-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
341b47375047ca02320ab81c5b88bfe214153886a1f215f364ba2b6da2ded7f0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2ff8"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12280
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwakgk1lnfjp6ketjrycw0y51ylim1ftq-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
10 KB
Image
General
Full URL
https://bitporno.de/assets/hkwakgk1lnfjp6ketjrycw0y51ylim1ftq-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
bde76de760a9791091b371bdab86ce5e086d8ad4bddfe18b17ba7443bc39bbba

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2784"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10116
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwakhhm1y7jbs5rfwdsriocbqhejur3ir-12.jpg
bitporno.de/assets/ Frame 490D
13 KB
13 KB
Image
General
Full URL
https://bitporno.de/assets/hkwakhhm1y7jbs5rfwdsriocbqhejur3ir-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
659d68b537f0ff7524f89d54c1bfb2a64071e1d51884a0b442b187b96e6f772b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-330c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
13068
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwajekyobac6fu8wxfvdyddruovvfshbv-12.jpg
bitporno.de/assets/ Frame 490D
13 KB
13 KB
Image
General
Full URL
https://bitporno.de/assets/hkwajekyobac6fu8wxfvdyddruovvfshbv-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
6d24ea0046bb6694e1802a80e38aa53b711d697cfbc637447ba26368ab2f02ee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3218"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12824
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwajhwznu9upzkabv1hqgfrdvt2v8ohvy-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
10 KB
Image
General
Full URL
https://bitporno.de/assets/hkwajhwznu9upzkabv1hqgfrdvt2v8ohvy-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
7b73e2c891cc251104ef770c4f589cb07347cc20ae956c53b185f0a1c9a3cc47

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-277b"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10107
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwaidn9ksscdpwgzueb0llsrg22uutjvx-12.jpg
bitporno.de/assets/ Frame 490D
15 KB
16 KB
Image
General
Full URL
https://bitporno.de/assets/hkwaidn9ksscdpwgzueb0llsrg22uutjvx-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
7afe4b232e5895a661e26d445f475b4b60166cb5526687f6dd49b7fff2ce6264

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3d26"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15654
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwaieltdbghtpzp464qxa7vdzdhl1juvs-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwaieltdbghtpzp464qxa7vdzdhl1juvs-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
7182d8b40f23d54f57305f8cd170153c0b07b257bc15194b7af01e5d72128fd8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-29c9"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10697
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwahcad678jsktnajittjf3uwt0eddksu-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwahcad678jsktnajittjf3uwt0eddksu-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
155a1b3bdb0f9cef76a2be1fd9284d50737dc1c5d21ad50308745ac2d8d933aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2b5f"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11103
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwagaaaj408iqzl8uxmnmbgwmavr6un0a-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwagaaaj408iqzl8uxmnmbgwmavr6un0a-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a155eedfe6ef04fc08acb346867c9909ec60d7a5168579a2caaa5b90a5efe5e4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-292a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10538
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwae7ukfne18sgfnppq4vn62isgvcjj5r-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwae7ukfne18sgfnppq4vn62isgvcjj5r-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f14424758ac432acca72ce4e2619d5b17e010670d6ad6242aa65245ce45f6e2b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2ab6"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10934
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwae8ya4psstqteefi9ucqxxgce9y7oyh-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
9 KB
Image
General
Full URL
https://bitporno.de/assets/hkwae8ya4psstqteefi9ucqxxgce9y7oyh-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a3a8933c5d492ab658fe1f1d44e3b0d8d49f8361b1060d7b42af27498b4fc7f4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2318"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8984
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwae9yrg2wwedlksrgs3g756f3y5piqpr-12.jpg
bitporno.de/assets/ Frame 490D
13 KB
13 KB
Image
General
Full URL
https://bitporno.de/assets/hkwae9yrg2wwedlksrgs3g756f3y5piqpr-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f92c3865b6c2d3efb43fd7bb9c6da5b1b9987f83dbf24ff1aeac41cfc6a8413f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-34a3"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
13475
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwad5wlx3txl81autd3ofxgomzagkk1su-12.jpg
bitporno.de/assets/ Frame 490D
15 KB
15 KB
Image
General
Full URL
https://bitporno.de/assets/hkwad5wlx3txl81autd3ofxgomzagkk1su-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
3453c7dcb2634bd70780e614fd7b497a7f96bec63128af9e419521798d090db8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3b96"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15254
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwad7jq2wuabkd4nuzv37cqc8fxheltbf-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
10 KB
Image
General
Full URL
https://bitporno.de/assets/hkwad7jq2wuabkd4nuzv37cqc8fxheltbf-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
63c3b80f1b879c4df231b7917c0e57410c19defbdb8d908ca8b823b18cd9c137

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2799"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10137
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwac4crysrppp0pq3viuiviifwbf2479n-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
10 KB
Image
General
Full URL
https://bitporno.de/assets/hkwac4crysrppp0pq3viuiviifwbf2479n-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
3f1bd64cc4220e41061818e6c84e46fd6c439dcdfa6f33f1ca2d91cc8ac72f76

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:50 GMT
server
nginx
etag
"657e4572-25a7"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9639
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwab35iv1ucvdceoizbx0rmwutty1lkhf-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwab35iv1ucvdceoizbx0rmwutty1lkhf-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
6f2a0cbb329644ec82428cdcd25e34d5f533969bdc69091cea55be1edf348083

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2c4c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11340
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwaa1xcktia3jpnqb3ev0pzxw20lccuwc-12.jpg
bitporno.de/assets/ Frame 490D
15 KB
15 KB
Image
General
Full URL
https://bitporno.de/assets/hkwaa1xcktia3jpnqb3ev0pzxw20lccuwc-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b43ce1725864dcb1cd50a8046535761dde9e50658afc733c63bbfc468946f600

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3a2a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
14890
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa90ee5mik0wiyzqoagcelyyillwugi0-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa90ee5mik0wiyzqoagcelyyillwugi0-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
4bd5a3e93969fcc0fbdcdbbf53e2fe8d380c447a7e2d29c286e557aef08727aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2c52"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11346
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa91fugugvjxgycj7gqiekmyaywkq7pt-12.jpg
bitporno.de/assets/ Frame 490D
14 KB
15 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa91fugugvjxgycj7gqiekmyaywkq7pt-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
17db6332b26226b212181ef09e92805118dbac154876b7df2b0a024bf02cc465

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3946"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
14662
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa92og4txkcuv5g9n1febxkc9ppuqdxr-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa92og4txkcuv5g9n1febxkc9ppuqdxr-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f9511f68695a3cff11d5710e6943c369b68dd5a03a815e8d72941b467bfea0eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-29c7"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10695
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa7yx6hyijsxagaq1hhd8sjaxt4ghtrp-12.jpg
bitporno.de/assets/ Frame 490D
15 KB
15 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa7yx6hyijsxagaq1hhd8sjaxt4ghtrp-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
48baa7c5d07e1226b4f45ece050aa7be9ad16cf5f31e6b6cca4bb71e5a2b0e80

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3a66"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
14950
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa5w5d3dn2xoawmopgm1yhpuwi69w4ry-12.jpg
bitporno.de/assets/ Frame 490D
14 KB
14 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa5w5d3dn2xoawmopgm1yhpuwi69w4ry-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8155b8a9939a2e25d7b2661536aeaecb084958e8a0b2224dd50e44db9860a68e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-36d7"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
14039
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa5x79lzn95jqm7kdx9hgdn7ohs44dry-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa5x79lzn95jqm7kdx9hgdn7ohs44dry-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a57b94d17607a20f950a44df62201adb5c9cc3feae549a2aa7943b211f763b94

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2bcc"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11212
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa4uks1fvckr7nobkr55kk00crzmsun1-12.jpg
bitporno.de/assets/ Frame 490D
15 KB
15 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa4uks1fvckr7nobkr55kk00crzmsun1-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
978c08d60d864b0cde74f51bc5513f3001799f8cda37d276812292449e5f7422

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-3c57"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15447
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa3svhq4wld9adorc6fcon7fr7t1wkh6-12.jpg
bitporno.de/assets/ Frame 490D
11 KB
11 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa3svhq4wld9adorc6fcon7fr7t1wkh6-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
c04327df30ed98fc66b989428216d7c79902ca09c6edbebd0b0292e8f19043f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2c3e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11326
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa3tveplsyz4ojej5jqv4xzdnkrlrs1u-12.jpg
bitporno.de/assets/ Frame 490D
12 KB
12 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa3tveplsyz4ojej5jqv4xzdnkrlrs1u-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
7799629aae021a3a35e6fbd0f2ef797dc996d8172903fac27c111f992a39b430

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:50 GMT
server
nginx
etag
"657e4572-30e5"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12517
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa2ra20bnx8ej7j6ctw6kkvqvmppnz5n-12.jpg
bitporno.de/assets/ Frame 490D
12 KB
13 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa2ra20bnx8ej7j6ctw6kkvqvmppnz5n-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8ece0425b295473c83b4ecaa0b56aa3098c0be2f8e596c5e3bd020d9ee4ef069

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-313d"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12605
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa2semjeaz0jceiexndbuq3lca43pbhs-12.jpg
bitporno.de/assets/ Frame 490D
9 KB
10 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa2semjeaz0jceiexndbuq3lca43pbhs-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
ffdffff3dce6bc64be7e5717862e4a19a1e7bae5debb32503ba230f0cbfdb75d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-25be"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9662
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa2vf6gebzxzypzaed9yyx3emgdivdvm-12.jpg
bitporno.de/assets/ Frame 490D
13 KB
14 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa2vf6gebzxzypzaed9yyx3emgdivdvm-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
3d3e65da8cf43f7b7163135b03dd8e46916d162621d5a670db38ea19f3819551

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-35b6"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
13750
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa1ps4vjndrrhtqhbtbmd6cquun4ua0a-12.jpg
bitporno.de/assets/ Frame 490D
10 KB
10 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa1ps4vjndrrhtqhbtbmd6cquun4ua0a-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
6b43f8efa0221318c42ee6996ccd4f4763fcaa8cb6d22c3b3933ed827aba65dc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-27d5"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10197
expires
Tue, 28 Jan 2025 11:35:35 GMT
hkwa0oz1xlmninhhlewq17i3i0glad9sx2-12.jpg
bitporno.de/assets/ Frame 490D
8 KB
9 KB
Image
General
Full URL
https://bitporno.de/assets/hkwa0oz1xlmninhhlewq17i3i0glad9sx2-12.jpg
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
196691e923854e4e4d15c26be9d998bc8e2588c2965221e26e80301ac01e7d69

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:51 GMT
server
nginx
etag
"657e4573-2185"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8581
expires
Tue, 28 Jan 2025 11:35:35 GMT
vs.js
cdn.tubecorp.com/vs/ Frame 490D
45 KB
17 KB
Script
General
Full URL
https://cdn.tubecorp.com/vs/vs.js
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
50d520806d55eb54fff829764da81ef097da6d8f789a8cb1a516bf8cb7c0dd79

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 12:35:35 GMT
date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 08:59:15 GMT
server
nginx/1.20.1
etag
W/"6038b863-b46b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-request-id
0ab2df6a69b6604b1faf7386c73989a8
x-proxy-cache
HIT
filter
filter.realtime-bid.com/ Frame 62E0
Redirect Chain
  • https://xml.zentrixads.com/redirect?feed=626946&auth=zhEF3k&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=OxjUqxg*ves_0&ci=-6215771495585878220&t=1065835609&h=58
13 KB
13 KB
Document
General
Full URL
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=OxjUqxg*ves_0&ci=-6215771495585878220&t=1065835609&h=58
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.29 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
472ef1208e98fdb6419249c85cef81e083b3e6d4b45f41bf85c862da882b87cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12952
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 11:35:35 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=OxjUqxg*ves_0&ci=-6215771495585878220&t=1065835609&h=58
Server
nginx
filter
filter.realtime-bid.com/ Frame 69CB
Redirect Chain
  • https://xml.thenetwork18.com/redirect?feed=615317&auth=aX2pUJ&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=tMY6sTbEH1U_0&ci=-691964770409688744&t=1579153193&h=58
13 KB
13 KB
Document
General
Full URL
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=tMY6sTbEH1U_0&ci=-691964770409688744&t=1579153193&h=58
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.29 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
27ad1f5c6e5277c57a2cbc627a025f4dd2d5f59cb914810b94a63844ded1306a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12943
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 11:35:37 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:37 GMT
Location
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=tMY6sTbEH1U_0&ci=-691964770409688744&t=1579153193&h=58
Server
nginx
go
r.linksprf.com/v2/ Frame DA39
Redirect Chain
  • https://xml.ctrtraffic.com/redirect?feed=616706&auth=LtBzUz&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://sobisy.com/star/?jour=https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=619394&publisher=198307&campaign=1269681&source=619394.531734&subid=531734&pubzone=&offer=27...
  • https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=619394&publisher=198307&campaign=1269681&source=619394.531734&subid=531734&pubzone=&offer=2791650&cost=0.0002&chs=0.0002&e...
  • https://sobisy.com/bis/sob/?ctrl_ab=burp&ctrl_id=65b78d87c6d65308051900&jour=https://r.linksprf.com/v1/redirect?type=linkId&id=1457d0c531694e8385587baba3775e59&api_key=ea7b6f3f8994c077c92bd2d395a98...
  • https://r.linksprf.com/v1/redirect?type=linkId&id=1457d0c531694e8385587baba3775e59&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid...
  • https://r.linksprf.com/v2/go?t=etfpa%3Af%2F0wc.ci2k5u6.4o8%2F6r6c8%2F09011M1L074y3Wv2dEujrB.huS-u.swbFa%25R2nA3%25jtuh_l2uzcsUoBu0D79kYWpxii4pEVoi8mWc_Y%3Farb%3DVtUpZ3I%25SFF2Pw_whiIr4n3fX%26eih%3D...
2 KB
891 B
Document
General
Full URL
https://r.linksprf.com/v2/go?t=etfpa%3Af%2F0wc.ci2k5u6.4o8%2F6r6c8%2F09011M1L074y3Wv2dEujrB.huS-u.swbFa%25R2nA3%25jtuh_l2uzcsUoBu0D79kYWpxii4pEVoi8mWc_Y%3Farb%3DVtUpZ3I%25SFF2Pw_whiIr4n3fX%26eih%3Dy0O0y050Z6n47a3fk8aet2mbc4xcb9n5l0w0wd%2F9sct3h&e=1&ai=88cc5440c333413390da98580af13aaf&sct=0&ct=1706528136399&cu=a0f886e628b446c5925c0c00df9acf3e&ykuid=66fb30ce552c4a6fa069a63de9eed6ec&sc=1&cs=f2ddf576f6e63a27effcb46f617802de
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
935e69a0b623916790bc4ceedeb1cc3d0918bf6fec70f82331ecb72c8ac375d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84d12c34ba5f790a-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 11:35:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3Mn3pE%2Bzp0K7E5pIkrxwcaC6ECM79D9d1vn2O2ExHS75jL%2F952nfPNl53T%2BXs%2FHxNuiKm%2FAVLu6u31pXcnDTHNMnkLldK4%2F429JKzqei4RRPCS1%2B42ueswpkukv10VCOg5SKg%2F9SIIXzcFj"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
84d12c3439c6790a-CDG
content-length
0
date
Mon, 29 Jan 2024 11:35:36 GMT
location
/v2/go?t=etfpa%3Af%2F0wc.ci2k5u6.4o8%2F6r6c8%2F09011M1L074y3Wv2dEujrB.huS-u.swbFa%25R2nA3%25jtuh_l2uzcsUoBu0D79kYWpxii4pEVoi8mWc_Y%3Farb%3DVtUpZ3I%25SFF2Pw_whiIr4n3fX%26eih%3Dy0O0y050Z6n47a3fk8aet2mbc4xcb9n5l0w0wd%2F9sct3h&e=1&ai=88cc5440c333413390da98580af13aaf&sct=0&ct=1706528136399&cu=a0f886e628b446c5925c0c00df9acf3e&ykuid=66fb30ce552c4a6fa069a63de9eed6ec&sc=1&cs=f2ddf576f6e63a27effcb46f617802de
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0tBl7%2Bw%2FiDqjQwsiBkxL3tF8%2FRpj9UyMOtuMEr%2BdwkYucIiVFjinQPTaPTO%2BAfO5AI%2BGCirVjvxjwqGlchjrI6IWX7J6%2B5THOQOMQm1LXxL37gwNPsFuNr4oYbymz9C43XaGkl%2BTriQFiz9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
xml.rtbfactory.com/ Frame CF17
0
139 B
Document
General
Full URL
https://xml.rtbfactory.com/redirect?feed=633210&auth=5NdnT6&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
video22.html
lesbiansextube.com/ Frame 7857
Redirect Chain
  • https://xml.mediacpc.com/redirect?feed=616707&auth=kv8WiI&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://lesbiansextube.com/video22.html
0
0

go
r.linksprf.com/v2/ Frame 3B7D
Redirect Chain
  • https://xml.mediacpc.com/redirect?feed=629756&auth=ojnfCi&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://sobisy.com/star/?jour=https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=618565&publisher=197658&campaign=1269681&source=618565.636095&subid=636095&pubzone=&offer=27...
  • https://varcuringordsetts.com/1aa51c80-e87e-45ee-ae82-a179873e1bd9?pubfeed=618565&publisher=197658&campaign=1269681&source=618565.636095&subid=636095&pubzone=&offer=2791650&cost=0.0002&chs=0.0002&e...
  • https://sobisy.com/bis/sob/?ctrl_ab=burp&ctrl_id=65b78d87ca7a2851346342&jour=https://r.linksprf.com/v1/redirect?type=linkId&id=b2a6ddb987f84565a0c155bdd690ad16&api_key=ea7b6f3f8994c077c92bd2d395a98...
  • https://r.linksprf.com/v1/redirect?type=linkId&id=b2a6ddb987f84565a0c155bdd690ad16&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid...
  • https://r.linksprf.com/v2/go?t=mtcpa%3Av%2Fscattawewr2cFe%25.3ep%2Ftc%3D2%268135m210%26b%3D79d2898u4h4tes43f%25dF924a6t0v0t0e0.%3Dr%26noatig.von%25oFDs%25em%256F%253GpOr6nDr%25id_3eStFa0FK%2522csp-...
2 KB
865 B
Document
General
Full URL
https://r.linksprf.com/v2/go?t=mtcpa%3Av%2Fscattawewr2cFe%25.3ep%2Ftc%3D2%268135m210%26b%3D79d2898u4h4tes43f%25dF924a6t0v0t0e0.%3Dr%26noatig.von%25oFDs%25em%256F%253GpOr6nDr%25id_3eStFa0FK%2522csp-3et2pmaciaavisnartvs3i4i0i1c1F0%2592aAe%252pft5%3D2%26a621b1dac29%3D0%268417u%3Dh%3Ftt%25nAr2k%25aFtwd.rr.nta%2Fis.toh&e=1&ai=92836828f09d4120880d349bb055dbfa&sct=0&ct=1706528136304&cu=99dafe42ef45428a82db7dbc09205811&ykuid=31377e91a45149eab986c5877b8878d1&sc=1&cs=78130b1d72a04623352c1858a0c9b67e
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54e207ae4a8c322e6ba1a035a7f487d4493952fca8e0ebbec7262471b6e84d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84d12c3429b2790a-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 11:35:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1aWR4tmrB31%2BkXGe9pjZTKjb6wQtiUmJcK4JjNLK%2FQ0gD3JYAQ1jlVvl7%2B1SJ83iybw1JIuJhzpAc0dB%2FJ4sixERsE9e8%2BqROCDaV06XXDZ7V94Wg6CAPRWciqNq%2Bcy1505vJMUf9zIsQ0y"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
84d12c339918790a-CDG
content-length
0
date
Mon, 29 Jan 2024 11:35:36 GMT
location
/v2/go?t=mtcpa%3Av%2Fscattawewr2cFe%25.3ep%2Ftc%3D2%268135m210%26b%3D79d2898u4h4tes43f%25dF924a6t0v0t0e0.%3Dr%26noatig.von%25oFDs%25em%256F%253GpOr6nDr%25id_3eStFa0FK%2522csp-3et2pmaciaavisnartvs3i4i0i1c1F0%2592aAe%252pft5%3D2%26a621b1dac29%3D0%268417u%3Dh%3Ftt%25nAr2k%25aFtwd.rr.nta%2Fis.toh&e=1&ai=92836828f09d4120880d349bb055dbfa&sct=0&ct=1706528136304&cu=99dafe42ef45428a82db7dbc09205811&ykuid=31377e91a45149eab986c5877b8878d1&sc=1&cs=78130b1d72a04623352c1858a0c9b67e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbt2HHRz0HDF7eI3e%2FeG5qk0cfXQP%2Bg9QSPLNua0h89GQHXTM%2FDbwKfqNFy1G3%2BInUsPvJpy7wDO8TvhPHwOp3Vps3Uea7xssap%2Fs79uE99tddPQse%2BdRNQzIcVbOaPnC9G1FH8E3J4Vbq3q"}],"group":"cf-nel","max_age":604800}
server
cloudflare
go
r.linksprf.com/v2/ Frame 111A
Redirect Chain
  • https://xml.flurryad.com/redirect?feed=626944&auth=qBoLPX&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://updatessughing.com/e9d4eb85-3703-40e8-a8c0-ef663a60a1b4?banner=6191035&pubfeed=481949&siteid=600679&cost=0.0001&conversion=2oI8O1EyGiY
  • https://fusilare.com/mica/?mica=https://r.linksprf.com/v1/redirect?type=linkId&id=e31f58e12a5b4da2b2abb18f026bad17&api_key=3cef6f5fcb3bbf1ec4dbced550ba7d84&site_id=51c5982bd8c245dc9684a6c23519f96c&...
  • https://r.linksprf.com/v1/redirect?type=linkId&id=e31f58e12a5b4da2b2abb18f026bad17&api_key=3cef6f5fcb3bbf1ec4dbced550ba7d84&site_id=51c5982bd8c245dc9684a6c23519f96c&dch=feed&ad_t=advertiser&offerid...
  • https://r.linksprf.com/v2/go?t=1tdp5%3A6%2F9la.6r8d4d8u5l3r3ccmbc7i3k9p1202453av1i1e326%260p9%3D%3D0%2601000%3D5%3F2c9l4%2F2o5.6e0b4o0e8aftdkdc0%2F4sat1h&e=1&ai=4ed0489591fc440d031d7aae&sct=0&ct=17...
1 KB
790 B
Document
General
Full URL
https://r.linksprf.com/v2/go?t=1tdp5%3A6%2F9la.6r8d4d8u5l3r3ccmbc7i3k9p1202453av1i1e326%260p9%3D%3D0%2601000%3D5%3F2c9l4%2F2o5.6e0b4o0e8aftdkdc0%2F4sat1h&e=1&ai=4ed0489591fc440d031d7aae&sct=0&ct=1706528135832&cu=974b2c536305480488f6dad90645ad11&ykuid=ad8a2792428942b49de9f2e856d2b526&sc=1&cs=80cb2391abab36a6a3705ba823ed9ad9
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
162db1b2290e1f0e1b97147018c196b812a944323fc66287883ec86a81d698ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84d12c312eb4790a-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 11:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ICaMXmym2plXs2Ux6oZkp1sSZStrrRAOHAMkgB9pTRBj12WPqmXa34Jw9Ab9BBibIVSXbgjededvRae9EiBkLDyiLS8nk9btdtpez8rntIvP%2FADh%2B6rWo9Mmpcu2andoouZZWuPcC81Jhhb"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
84d12c30ae31790a-CDG
content-length
0
date
Mon, 29 Jan 2024 11:35:35 GMT
location
/v2/go?t=1tdp5%3A6%2F9la.6r8d4d8u5l3r3ccmbc7i3k9p1202453av1i1e326%260p9%3D%3D0%2601000%3D5%3F2c9l4%2F2o5.6e0b4o0e8aftdkdc0%2F4sat1h&e=1&ai=4ed0489591fc440d031d7aae&sct=0&ct=1706528135832&cu=974b2c536305480488f6dad90645ad11&ykuid=ad8a2792428942b49de9f2e856d2b526&sc=1&cs=80cb2391abab36a6a3705ba823ed9ad9
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTpZrrhVgBHrtOiLVowgxs1PWbYM38rAWu%2B3EULVebDX8a%2FMDQ3J%2BK2DrhP38XiwOwwhH9l%2FjkoAjdWxXFEdUhr%2BA6wm0qF5clUIWknjmGoTWECEYRLHMB4fqjJBVU7lU2%2FWKmLYYhGOrwv5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
filter
filter.realtime-bid.com/ Frame 4F8E
Redirect Chain
  • https://xml.clickmi.net/redirect?feed=615323&auth=R59YLB&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=RJ-b99orMJg_0&ci=8757753377156695108&t=1869367739&h=58
13 KB
13 KB
Document
General
Full URL
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=RJ-b99orMJg_0&ci=8757753377156695108&t=1869367739&h=58
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.29 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e22faa88fba32ee15301bf1901c2a39a62432cdf487d16b8155ad1024c3ae150

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12943
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 11:35:35 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=RJ-b99orMJg_0&ci=8757753377156695108&t=1869367739&h=58
Server
nginx
video16.html
baddiesporn.com/ Frame 9C99
Redirect Chain
  • https://xml.clixvista.com/redirect?feed=634146&auth=ZcZzdT&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://baddiesporn.com/video16.html
0
0

go
r.linksprf.com/v2/ Frame C312
Redirect Chain
  • https://xml.ctrtraffic.com/redirect?feed=629202&auth=QnmDKl&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://trackingvo.com/fa065b47-3313-45d1-9137-db898edaa028?banner=6191036&pubfeed=481949&siteid=488231&cost=0.0001&conversion=5H3AMfWUMXs
  • https://charmgriff.com/charm/?charm=https://fusilare.com/mica/?mica=https://r.linksprf.com/v1/redirect?type=linkId&id=0bbba1ba8f3d44b08ec60c61e8109f30&api_key=0d65b0fc5769a1cfd873809ea27d9dc8&site_...
  • https://fusilare.com/mica/?mica=https://r.linksprf.com/v1/redirect?type=linkId&id=0bbba1ba8f3d44b08ec60c61e8109f30&api_key=0d65b0fc5769a1cfd873809ea27d9dc8&site_id=689787cc15c7437fbc240a28cb9e12d4&...
  • https://r.linksprf.com/v1/redirect?type=linkId&id=0bbba1ba8f3d44b08ec60c61e8109f30&api_key=0d65b0fc5769a1cfd873809ea27d9dc8&site_id=689787cc15c7437fbc240a28cb9e12d4&dch=feed&ad_t=advertiser&offerid...
  • https://r.linksprf.com/v2/go?t=et7p3%3Ac%2F3lb.ar2d7deu5l8r7c0m7cei2k2p1205443%26v%3Di9e0263%261p1%3Da0607040%3D6%3F1c3lb%2Feo3.4e6b4oae9adt1kac2%2F2s6tah&e=1&ai=53bd40e9e4b0a28530282455&sct=0&ct=1...
1 KB
799 B
Document
General
Full URL
https://r.linksprf.com/v2/go?t=et7p3%3Ac%2F3lb.ar2d7deu5l8r7c0m7cei2k2p1205443%26v%3Di9e0263%261p1%3Da0607040%3D6%3F1c3lb%2Feo3.4e6b4oae9adt1kac2%2F2s6tah&e=1&ai=53bd40e9e4b0a28530282455&sct=0&ct=1706528135960&cu=3eb7e03748654ea792da1ba32c2367ae&ykuid=ec6d290f705a4fc88df7661f0e600caf&sc=1&cs=dbd6539f40d1dc2217b52a7514985cd3
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d7244474597fae03600dbaf51a0289d941be278090581ab72f23db38a9812f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84d12c31ff67790a-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 11:35:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrUrDdlTww3w5rmFjVG8IBQ9plYJAtA1QAozCzTyj6aboXByZT3pfPk%2B518BdFhHTIIB5kHbvqfLDfbQJUmgpunNOoPyRo20SAX1LXcKBijR6u1GJN2s5RL4gIA%2BWYR2rzakA6kQCQJEO7ik"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
84d12c317ef9790a-CDG
content-length
0
date
Mon, 29 Jan 2024 11:35:35 GMT
location
/v2/go?t=et7p3%3Ac%2F3lb.ar2d7deu5l8r7c0m7cei2k2p1205443%26v%3Di9e0263%261p1%3Da0607040%3D6%3F1c3lb%2Feo3.4e6b4oae9adt1kac2%2F2s6tah&e=1&ai=53bd40e9e4b0a28530282455&sct=0&ct=1706528135960&cu=3eb7e03748654ea792da1ba32c2367ae&ykuid=ec6d290f705a4fc88df7661f0e600caf&sc=1&cs=dbd6539f40d1dc2217b52a7514985cd3
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRw1O1X6aEUe%2FXDT2oX7P43OmDSplOY%2BQlmXKpDTQN3sZaGZa4J0wOP85jDUI2inF%2BxuRdswnnc6lC6X5uCRPSzt8Ng1T3BZgEhCbdW3LT0G%2B8ds5GA0NaHD1u9sdy34qO8OjsAYSG%2FFXdI%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
xml.ctrtraffic.com/ Frame 8AA8
0
139 B
Document
General
Full URL
https://xml.ctrtraffic.com/redirect?feed=629199&auth=zLr9BW&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b1e , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
filter
filter.realtime-bid.com/ Frame 6DC6
Redirect Chain
  • https://xml.eximdigital.com/redirect?feed=634443&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
  • https://filter.realtime-bid.com/filter?q=best+deals&i=E3174QeztaE_0&ci=2496140640400491883&t=360059851&h=58
13 KB
13 KB
Document
General
Full URL
https://filter.realtime-bid.com/filter?q=best+deals&i=E3174QeztaE_0&ci=2496140640400491883&t=360059851&h=58
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.29 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e4e4f52252651512f96d919c5983e3019010503aaf1c7d2441ff0a2dc1cf83d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12944
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 11:35:35 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://filter.realtime-bid.com/filter?q=best+deals&i=E3174QeztaE_0&ci=2496140640400491883&t=360059851&h=58
Server
nginx
redirect
r.linksprf.com/v1/ Frame BE62
Redirect Chain
  • https://xml.adflyer.media/redirect?feed=626962&auth=qAKAp2&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://sobisy.com/star/?jour=https://varcuringordsetts.com/fb5b2cf8-3681-4d35-9409-7659d1e6badb?pubfeed=618569&publisher=197658&campaign=1270859&source=618569.556415&subid=556415&pubzone=&offer=27...
  • https://varcuringordsetts.com/fb5b2cf8-3681-4d35-9409-7659d1e6badb?pubfeed=618569&publisher=197658&campaign=1270859&source=618569.556415&subid=556415&pubzone=&offer=2793550&cost=0.0003&chs=0.0003&e...
  • https://varcuringordsetts.com/ad888fae-fa27-4d56-9ed4-d540f97a4e5f?tsid=cb5d035f-da99-4254-8a9d-768eb8a8c8eb&cmpid=fb5b2cf8-3681-4d35-9409-7659d1e6badb&ofid=a7b10786-c0a2-40f3-860f-6d80f13f7090&fli...
  • https://sobisy.com/bis/sob/?ctrl_ab=burf&jour=https://r.linksprf.com/v1/redirect?type=linkId&id=a50a2bd4f9184c61840533f8d85f12d4&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c...
  • https://r.linksprf.com/v1/redirect?type=linkId&id=a50a2bd4f9184c61840533f8d85f12d4&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid...
0
0

redirect
xml.zentrixads.com/ Frame A499
17 B
166 B
Document
General
Full URL
https://xml.zentrixads.com/redirect?feed=626947&auth=1MqBAt&subid={subid}&query={query}&url={url}&default_url={default_url}xml.adtube.media/redirect?feed=615326&auth=JtCpiL&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b10 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
75a9042147e6a457a72f68b5e60298c643057ea87600c57f4a84340688763a24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
17
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
redirect
xml.infinity-info.com/ Frame 9A43
22 B
171 B
Document
General
Full URL
https://xml.infinity-info.com/redirect?feed=634483&auth=gPnHL5&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
22
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
redirect
sub.adzgame.com/ Frame 0CD9
0
0

/
becast.onionlive.workers.dev/ Frame 4515
Redirect Chain
  • https://xml.adtube.media/redirect?feed=631737&auth=5q8RSh&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://becast.onionlive.workers.dev/
1 KB
1 KB
Document
General
Full URL
https://becast.onionlive.workers.dev/
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:923 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0c0d2a8f6bcda99c2333c8c387d9b6aff2f00333aafa9d66fcd34dc2a4c7b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
84d12c30996599c2-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 11:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwRAoXwujR8JV597HvHyqOZPUkvN2DuoEX6%2Br103dQmjmRrK69x%2B7fGHW5kw0Srjnd6%2B%2Bm1z%2BMYZZ%2BJpXZS2o2AlOFNyQhoPk%2FVFnM7DYJnoIStXKnhOEy4T6SQcX69EOObyVDKm3laKbBdZeYlWoV2N9MKkm4pdld2H"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://becast.onionlive.workers.dev/
Server
nginx
redirect
xml.xmladsystem.com/ Frame 784F
0
139 B
Document
General
Full URL
https://xml.xmladsystem.com/redirect?feed=615319&auth=W8TMJ0&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.28 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
/
nrebxx.romancedale.com/ Frame D018
Redirect Chain
  • https://xml.thenetwork18.com/redirect?feed=615318&auth=OjLd1I&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://trk.makeinsanemoney.com/go/377128fa-5ae0-43cb-9a59-da1f44aabd88?bid=0.0003&conversion=MzEV8laNnHc&pubfeed=600575&subid=602842&campaign=1272703&banner=6263872&keyword=*&offer=2796925&query=%...
  • https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
35 KB
8 KB
Document
General
Full URL
https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.138.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-138-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7c0c77e0a1e7c04d72c50ca488c61b04aa53e2a69b7efb6d1537d34dea14a4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:36 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin
*
cache-control
no-cache
content-length
354
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:36 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
server
openresty
vary
Accept
x-response-time
8.859ms
6600082
ak.whookroo.com/4/ Frame FE52
Redirect Chain
  • https://xml.adflyer.media/redirect?feed=615321&auth=cOpZmC&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://ak.whookroo.com/4/6600082
32 KB
14 KB
Document
General
Full URL
https://ak.whookroo.com/4/6600082
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f0ace959680dfc46b228ac8f4e81ef49425d061af3875e7472e7d7a192660baf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13202
content-type
text/html; charset=utf8
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
04b767f8b35066203e4e03de44205e04

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://ak.whookroo.com/4/6600082
Server
nginx
video20.html
lesbiansextube.com/ Frame 8541
Redirect Chain
  • https://xml.clixvista.com/redirect?feed=634351&auth=soTzkH&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://lesbiansextube.com/video20.html
0
0

rar
as.ad4m.at/ad/ Frame A1A7
7 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f58ad20401510edd2468f72cf3861799e220ab6ce5f6b1ae30c7ff8c4439af5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
84d12c2c9fee0473-CDG
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
redirect
xml.rtbfactory.com/ Frame 3605
0
139 B
Document
General
Full URL
https://xml.rtbfactory.com/redirect?feed=633223&auth=hWvnzW&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
6600082
ak.whookroo.com/4/ Frame 1116
Redirect Chain
  • https://xml.mediacpc.com/redirect?feed=629755&auth=oNyUuc&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://ak.whookroo.com/4/6600082
32 KB
14 KB
Document
General
Full URL
https://ak.whookroo.com/4/6600082
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9afb5a653d5ff3a4bf3416074bc0cb473df67588b2a615c88198beb0b9e3d883

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13204
content-type
text/html; charset=utf8
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
343c28d3ce8462fbb0fa5154b271de95

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://ak.whookroo.com/4/6600082
Server
nginx
filter
filter.realtime-bid.com/ Frame A6CD
Redirect Chain
  • https://xml.thenetwork18.com/redirect?feed=626939&auth=cUVzDz&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=*pZQb1gtZJ8_0&ci=1480978845797766241&t=1294136297&h=58
13 KB
13 KB
Document
General
Full URL
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=*pZQb1gtZJ8_0&ci=1480978845797766241&t=1294136297&h=58
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.29 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
754810170b684332f007972bfc21867def70409a279101dfe4410b63db0bc28d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12944
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 11:35:36 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=*pZQb1gtZJ8_0&ci=1480978845797766241&t=1294136297&h=58
Server
nginx
redirect
xml.eximdigital.com/ Frame 4F67
0
0

RPWOSS
xdufs.sandothesooile.info/ Frame 272A
Redirect Chain
  • https://xml.adtube.media/redirect?feed=615325&auth=nWjGCY&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926093&subid=604734.604222
  • https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redire...
12 KB
5 KB
Document
General
Full URL
https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.224.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-224-242.compute-1.amazonaws.com
Software
/ Express
Resource Hash
af4bfc2bea6b94ea5a0b18b26a6e776d93cc8cb42907875342ee3c7e800c02cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
W/"31f9-VQab6Gxh6L2LJxRO99F4v6Dj3gA"
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-length
0
content-type
text/plain
date
Mon, 29 Jan 2024 11:35:35 GMT
location
https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4bf44796811ecea5881c6668d3aa9226.cloudfront.net (CloudFront)
x-amz-cf-id
LlYEKM5g_22c0812sHUwA4ErF21C1cmHH7c1pFiiv0qLdkYg5IomVg==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
url
www.google.com/ Frame BB09
Redirect Chain
  • https://xml.flurryad.com/redirect?feed=626942&auth=CSVpPf&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwijx7CghPSDAxV-0gIHHbybCL8QFnoECBMQAQ&url=https%3A%2F%2Fswisskauf.us%2F&usg=AOvVaw1cMRF4vjB-hvkO3ZzRww3E&opi=...
986 B
2 KB
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwijx7CghPSDAxV-0gIHHbybCL8QFnoECBMQAQ&url=https%3A%2F%2Fswisskauf.us%2F&usg=AOvVaw1cMRF4vjB-hvkO3ZzRww3E&opi=89978449
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
1e82c6c07589b43a339586a5df37180d5417494c49a8852153c1d1a114d31f75
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-v-2AZ8Nkp1eaKpY108Ek_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
485
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-v-2AZ8Nkp1eaKpY108Ek_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwijx7CghPSDAxV-0gIHHbybCL8QFnoECBMQAQ&url=https%3A%2F%2Fswisskauf.us%2F&usg=AOvVaw1cMRF4vjB-hvkO3ZzRww3E&opi=89978449
Server
nginx
redirect
xml.xmladsystem.com/ Frame DABB
0
139 B
Document
General
Full URL
https://xml.xmladsystem.com/redirect?feed=615320&auth=ywL5Zd&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.28 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
redirect
xml.adflyer.media/ Frame 7AEB
22 B
171 B
Document
General
Full URL
https://xml.adflyer.media/redirect?feed=615322&auth=N0hVKw&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b1f , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
22
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
6600082
ak.whookroo.com/4/ Frame 30D2
Redirect Chain
  • https://xml.adflyer.media/redirect?feed=626960&auth=c2DVej&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://ak.whookroo.com/4/6600082
32 KB
14 KB
Document
General
Full URL
https://ak.whookroo.com/4/6600082
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38c9ccb08d00d86be48e70de040966156de1617579ec8756d9d3f605fece2df4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13204
content-type
text/html; charset=utf8
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
c7a0b0fccbd6a62b946967763b1cdd4c

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://ak.whookroo.com/4/6600082
Server
nginx
redirect
xml.infinity-info.com/ Frame 1A11
22 B
171 B
Document
General
Full URL
https://xml.infinity-info.com/redirect?feed=634482&auth=JoigQT&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
22
Date
Mon, 29 Jan 2024 11:35:35 GMT
Server
nginx
redirect
sub.adzgame.com/ Frame BDB2
0
0

redirect
xml.clickmi.net/ Frame E792
0
0

NTKDYO
pkuwp.sandothesooile.info/ Frame D47E
Redirect Chain
  • https://xml.adtube.media/redirect?feed=631735&auth=KA0htm&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926093&subid=604734.604222
  • https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redire...
12 KB
5 KB
Document
General
Full URL
https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.225.185.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-185-110.compute-1.amazonaws.com
Software
/ Express
Resource Hash
910a016679ad5f8236e3a355f6df70d3372823ab1ef054d486c0e7f9e4b957e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
W/"31f9-NlfWN7fQ6Kgr68sC83us/25K7/s"
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-length
0
content-type
text/plain
date
Mon, 29 Jan 2024 11:35:35 GMT
location
https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4bf44796811ecea5881c6668d3aa9226.cloudfront.net (CloudFront)
x-amz-cf-id
QQTXZu5tJzAwi8ZNsduYFcTejJUH6TBn0aIrDRnVzYxLZj3s6Rraqg==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
lang-widget-en.json
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame 86ED
12 KB
5 KB
Fetch
General
Full URL
https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/lang-widget-en.json?v=c80cd27b-e785-433b-a519-6cad7f6fd3a3
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1082 /
Resource Hash
c3c8a840523cbfaf32de76e8decd6d6aa6a3914ea36f811c4c8b0a1190368ed4

Request headers

Accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-662
cdn-cachedat
01/09/2024 01:15:24
cdn-pullzone
236985
visitor-location
FR
last-modified
Tue, 09 Jan 2024 01:15:21 GMT
server
Cookie First CDN-DE1-1082
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"659c9e29-3135"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
5b186f7127252b1a972d202745231b8e
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
/
www.myprotein.it/ Frame B59B
Redirect Chain
  • https://r.secprf.com/v1/redirect?url=https://myprotein.it&api_key=437c4407d7781aecb3ae0e97b520ec16&site_id=3563bc873b454ce0b690db7fc454b808&type=url&source=https://such.de/de/search/myprotein.it&yk...
  • https://r.secprf.com/v2/go?t=tt.pi%3At%2Frwy.Fw%25n2.Ao%25%2Fpwtl%3Dc%26.dhh%3Fui%3D%3Df6r4%26i0%3Db454c67cdi9kbee%3D4u4h3d8%26bl6c3rdfe%3Dc0100000c468634e3c4e3c35a4837a371c074132v1rdw%26%26ldchruf...
  • https://www.awin1.com/awclick.php?mid=7614&id=143466&clickref=such.de&clickref2=v03040001438738eac3e3c4534436a67cc070112c1edd&clickref3=3563bc873b454ce0b690db7fc454b808&clickref4=such.de&awcr=v0304...
  • https://www.myprotein.it/?affil=awin&utm_content=yieldkit&utm_term=Sub+Networks&utm_source=AWin-143466&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=143466&awc=7614_17...
0
0
Document
General
Full URL
https://www.myprotein.it/?affil=awin&utm_content=yieldkit&utm_term=Sub+Networks&utm_source=AWin-143466&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=143466&awc=7614_1706528135_6d8724eebc1d3bf0a31b3c99375efbeb
Requested by
Host: such.de
URL: https://such.de/search/myprotein.it
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.157 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'self' https://www.googletagmanager.com https://*.liveperson.net https://cdn.appdynamics.com https://*.lpsnmedia.net https://www.facebook.com https://connect.facebook.net https://*.google.com https://widget.trustpilot.com https://*.doubleclick.net https://www.youtube.com https://wb.messengerpeople.com https://static.criteo.net https://*.criteo.com https://tpc.googlesyndication.com https://ct.pinterest.com https://hal9000.redintelligence.net https://*.recaptcha.net https://*.zenaps.com https://*.hotjar.com https://*.akamaihd.net https://*.translate.naver.net https://ln-rules.rewardstyle.com https://tr.snapchat.com https://www.pinterest.com blob: https://*.abtasty.com https://app.qubit.com; connect-src 'self' https://*.thcdn.com https://*.ingest.sentry.io https://*.pingdom.net https://*.doubleclick.net https://*.google-analytics.com https://capture.trackjs.com https://fp.zenaps.com https://www.facebook.com https://*.google.com https://*.thehut.net https://privacyportal-eu.onetrust.com https://geolocation.onetrust.com https://cdn.cookielaw.org wss://*.liveperson.net https://ct.pinterest.com https://*.google.it https://*.akamaihd.net https://*.sciencebehindecommerce.com https://*.hotjar.com wss://*.hotjar.com https://*.googleapis.com https://*.trustpilot.com https://*.pinterest.com https://*.doubleclick.net https://*.bing.com https://connect.facebook.net https://*.baidu.com https://*.parcellab.com https://tr.snapchat.com https://*.contentsquare.net https://*.abtasty.com https://*.qubit.com https://*.qubitproducts.com https://horizon-api.www.myprotein.it https://*.criteo.com https://*.criteo.net https://*.prod.mplat-ppcprotect.com https://*.lunio.ai data:; font-src 'self' data: https://*.thcdn.com https://fp.zenaps.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://static.thgcdn.cn blob: data: https://*.abtasty.com https://*.gstatic.com https://*.googleapis.com; form-action 'self' https://www.facebook.com https://www.myprotein.it https://m.myprotein.it https://checkout.myprotein.it https://connect.facebook.net https://tr.snapchat.com; img-src 'self' data: https://*.thcdn.com https://col.eum-appdynamics.com https://usage.trackjs.com https://*.lpsnmedia.net https://*.doubleclick.net https://www.google-analytics.com https://*.google.com https://cx.atdmt.com https://www.zenaps.com https: blob:; media-src 'self' https://*.thcdn.com https://*.lpsnmedia.net https://static.thgcdn.cn; object-src 'self' https://*.thcdn.com https://www.youtube.com; report-uri https://csp.thehut.net/cspReport.txt; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: https://*.thcdn.com https://*.thehut.net https://rum-static.pingdom.net https://*.liveperson.net https://*.lpsnmedia.net https://*.doubleclick.net https://static.cdn-apple.com https://*.liveperson.com https://geolocation.onetrust.com https://cdn.cookielaw.org https://cdn.parcellab.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://fp.zenaps.com https://www.youtube.com https://www.google-analytics.com https://*.google.com https://google.com https://connect.facebook.net https://bat.bing.com https://widget.trustpilot.com https://s.ytimg.com https://www.googletagservices.com https://*.googleapis.com https://www.facebook.com https://www.googleadservices.com https://*.gstatic.cn https://*.gstatic.com https://www.dwin1.com https://cdn.trackjs.com https://seal.digicert.com https://*.criteo.com https://static.criteo.net https://s.pinimg.com https://tpc.googlesyndication.com https://remote.captcha.com https://platform.twitter.com https://*.akamaihd.net https://*.recaptcha.net https://*.sciencebehindecommerce.com https://*.hotjar.com https://*.microsofttranslator.com https://*.trustpilot.com https://*.translate.naver.net https://*.doubleclick.net https://ln-rules.rewardstyle.com https://*.google-analytics.com https://twitter.com https://*.baidu.com https://sc-static.net https://www.google.com https://*.google.co.uk https://google.co.uk https://static.ads-twitter.com https://analytics.twitter.com https://static.thgcdn.cn https://*.contentsquare.net https://app.contentsquare.com blob: https://*.abtasty.com https://static.goqubit.com https://*.qubit.com; style-src 'self' 'unsafe-inline' https://*.thcdn.com https://*.google.com https://*.googleapis.com https://fp.zenaps.com https://cdnjs.cloudflare.com https://www.googletagmanager.com https://*.googleapis.com https://*.translate.naver.net https://*.microsofttranslator.com https://cdn.parcellab.com https://static.thgcdn.cn https://*.abtasty.com https://*.gstatic.com; upgrade-insecure-requests; report-to report-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

Referer
https://such.de/search/myprotein.it
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
child-src 'self' https://www.googletagmanager.com https://*.liveperson.net https://cdn.appdynamics.com https://*.lpsnmedia.net https://www.facebook.com https://connect.facebook.net https://*.google.com https://widget.trustpilot.com https://*.doubleclick.net https://www.youtube.com https://wb.messengerpeople.com https://static.criteo.net https://*.criteo.com https://tpc.googlesyndication.com https://ct.pinterest.com https://hal9000.redintelligence.net https://*.recaptcha.net https://*.zenaps.com https://*.hotjar.com https://*.akamaihd.net https://*.translate.naver.net https://ln-rules.rewardstyle.com https://tr.snapchat.com https://www.pinterest.com blob: https://*.abtasty.com https://app.qubit.com; connect-src 'self' https://*.thcdn.com https://*.ingest.sentry.io https://*.pingdom.net https://*.doubleclick.net https://*.google-analytics.com https://capture.trackjs.com https://fp.zenaps.com https://www.facebook.com https://*.google.com https://*.thehut.net https://privacyportal-eu.onetrust.com https://geolocation.onetrust.com https://cdn.cookielaw.org wss://*.liveperson.net https://ct.pinterest.com https://*.google.it https://*.akamaihd.net https://*.sciencebehindecommerce.com https://*.hotjar.com wss://*.hotjar.com https://*.googleapis.com https://*.trustpilot.com https://*.pinterest.com https://*.doubleclick.net https://*.bing.com https://connect.facebook.net https://*.baidu.com https://*.parcellab.com https://tr.snapchat.com https://*.contentsquare.net https://*.abtasty.com https://*.qubit.com https://*.qubitproducts.com https://horizon-api.www.myprotein.it https://*.criteo.com https://*.criteo.net https://*.prod.mplat-ppcprotect.com https://*.lunio.ai data:; font-src 'self' data: https://*.thcdn.com https://fp.zenaps.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://static.thgcdn.cn blob: data: https://*.abtasty.com https://*.gstatic.com https://*.googleapis.com; form-action 'self' https://www.facebook.com https://www.myprotein.it https://m.myprotein.it https://checkout.myprotein.it https://connect.facebook.net https://tr.snapchat.com; img-src 'self' data: https://*.thcdn.com https://col.eum-appdynamics.com https://usage.trackjs.com https://*.lpsnmedia.net https://*.doubleclick.net https://www.google-analytics.com https://*.google.com https://cx.atdmt.com https://www.zenaps.com https: blob:; media-src 'self' https://*.thcdn.com https://*.lpsnmedia.net https://static.thgcdn.cn; object-src 'self' https://*.thcdn.com https://www.youtube.com; report-uri https://csp.thehut.net/cspReport.txt; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: https://*.thcdn.com https://*.thehut.net https://rum-static.pingdom.net https://*.liveperson.net https://*.lpsnmedia.net https://*.doubleclick.net https://static.cdn-apple.com https://*.liveperson.com https://geolocation.onetrust.com https://cdn.cookielaw.org https://cdn.parcellab.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://fp.zenaps.com https://www.youtube.com https://www.google-analytics.com https://*.google.com https://google.com https://connect.facebook.net https://bat.bing.com https://widget.trustpilot.com https://s.ytimg.com https://www.googletagservices.com https://*.googleapis.com https://www.facebook.com https://www.googleadservices.com https://*.gstatic.cn https://*.gstatic.com https://www.dwin1.com https://cdn.trackjs.com https://seal.digicert.com https://*.criteo.com https://static.criteo.net https://s.pinimg.com https://tpc.googlesyndication.com https://remote.captcha.com https://platform.twitter.com https://*.akamaihd.net https://*.recaptcha.net https://*.sciencebehindecommerce.com https://*.hotjar.com https://*.microsofttranslator.com https://*.trustpilot.com https://*.translate.naver.net https://*.doubleclick.net https://ln-rules.rewardstyle.com https://*.google-analytics.com https://twitter.com https://*.baidu.com https://sc-static.net https://www.google.com https://*.google.co.uk https://google.co.uk https://static.ads-twitter.com https://analytics.twitter.com https://static.thgcdn.cn https://*.contentsquare.net https://app.contentsquare.com blob: https://*.abtasty.com https://static.goqubit.com https://*.qubit.com; style-src 'self' 'unsafe-inline' https://*.thcdn.com https://*.google.com https://*.googleapis.com https://fp.zenaps.com https://cdnjs.cloudflare.com https://www.googletagmanager.com https://*.googleapis.com https://*.translate.naver.net https://*.microsofttranslator.com https://cdn.parcellab.com https://static.thgcdn.cn https://*.abtasty.com https://*.gstatic.com; upgrade-insecure-requests; report-to report-endpoint
Content-Type
text/html;charset=UTF-8
Date
Mon, 29 Jan 2024 11:35:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=60
Pragma
no-cache
Referrer-Policy
unsafe-url
Report-To
{"group":"report-endpoint","max_age":86400,"endpoints":[{"url":"https://csp.thehut.net/cspReport.txt","priority":1,"weight":1}],"include_subdomains":true}
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block; report=/xssProtection.txt
vary
accept-encoding

Redirect headers

Allow
GET
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 11:35:35 GMT
Location
https://www.myprotein.it/?affil=awin&utm_content=yieldkit&utm_term=Sub+Networks&utm_source=AWin-143466&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=143466&awc=7614_1706528135_6d8724eebc1d3bf0a31b3c99375efbeb
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
index.css
campaigns.milibris.com/ Frame 690D
3 KB
1 KB
Stylesheet
General
Full URL
https://campaigns.milibris.com/index.css
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
2052b7c6f11b588b309d6f4edcf6e69e45636eac4d55c7786c750ebdbf3df82c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"aa4-18bb4b2ca50"
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
jquery-2.1.4.min.js
campaigns.milibris.com/js/ Frame 690D
82 KB
30 KB
Script
General
Full URL
https://campaigns.milibris.com/js/jquery-2.1.4.min.js
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"14979-18bb4b2ca50"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
reader.css
campaigns.milibris.com/js/ Frame 690D
133 KB
19 KB
Stylesheet
General
Full URL
https://campaigns.milibris.com/js/reader.css
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
2a92fb119d491db997c85e92817381a68707486c1a55293827329a548c95217d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"2157f-18bb4b2ca50"
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
reader.js
campaigns.milibris.com/js/ Frame 690D
886 KB
211 KB
Script
General
Full URL
https://campaigns.milibris.com/js/reader.js
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
c7f837ecf6d3bb1f7b5fe9d923bf06c40d635e3959fc164d81b3575210ad7eab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/65a8b0515869b1af769f7e4e/reader/05062506-9717-4396-b66a-19d63c417f0b?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"dd932-18bb4b2ca50"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 32F0
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
43633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 23:28:22 GMT
etag
3890843268177463596
expires
Sun, 11 Feb 2024 23:28:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 6F45
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
43633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 23:28:22 GMT
etag
3890843268177463596
expires
Sun, 11 Feb 2024 23:28:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 1207
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
43633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 23:28:22 GMT
etag
3890843268177463596
expires
Sun, 11 Feb 2024 23:28:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A1A7
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2606866
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DJhJVmmZvadprOvMVBKgdBcdAvl%2BetVbbp3Jp%2FaeiGmRn6i0t3uEmylefOA%2BHDe88xY0N7Knc5ZMTXb%2FW0WLpuoWKZOu0FviNBm%2BY7dk6DxwHbnkKUJQ0GkCSwUdPxWvT6sQrzGu8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
84d12c2d0e22d6a2-CDG
expires
Tue, 30 Jan 2024 11:35:35 GMT
71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame A1A7
10 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
407381
cf-polished
origFmt=png, origSize=10653
alt-svc
h3=":443"; ma=86400
content-length
9924
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 11:11:38 GMT
server
cloudflare
etag
"ca1cf24fc82b7541b262f0d4b15a8100"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZTN3zpVHDLUIQgHVJ2ia7%2BOrz4SlOgeewh3XDUkcvryLYgbgTWv5orFKg6zpx1tfRd13TWqU3IfTIjQs01SKpmaThIxs8BAc7uc2%2FYIsAGBDktJ7vws%2BN4nuYNbQQTMu8nxPg3Zqjv%2Fj3kE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84d12c2d288b0473-CDG
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame A1A7
28 KB
28 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5117172
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28452
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:32 GMT
server
cloudflare
etag
"ad60aab65075d58e4390c75c7ea7b04e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxohTWlACv1O%2BVxT%2BtOTNUpZ6BL8W1VmINtAVKiL79sGItHAU6znu2XdLC38580cOzUznoVZ5JGmW5bkMJr8QcauBtE45yawg0Vloz%2BTB4LMwjUS4WeQRuoAXlvt6Mf2VN5iWrUuu%2FVguHsj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84d12c2d288f0473-CDG
B428F1136C7C2A0587399672B3E6257AFBE1C9DD6F781EC1A381E21233C0B16DCFB425855B6D579A455E639BDCAFFE9E9A793DA2C8B4F065188F1CFBA3ED6A69
assets.ad4m.at/logo/ Frame A1A7
9 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B428F1136C7C2A0587399672B3E6257AFBE1C9DD6F781EC1A381E21233C0B16DCFB425855B6D579A455E639BDCAFFE9E9A793DA2C8B4F065188F1CFBA3ED6A69
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d67d29cfa8ed5e468b0b9bd02bf5e66ef8994b4b0245b0e31cb72f642b4d1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1060071
cf-polished
origFmt=png, origSize=29753
alt-svc
h3=":443"; ma=86400
content-length
9198
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Jan 2024 16:01:56 GMT
server
cloudflare
etag
"782ab1e273b6d319b466918a1c87b5d5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7bhmEsw2YTsg37iBoKb9AzJv2pWHL6EHGHAMRn6k%2BXJwA%2BBir7OmjosxACJNlHKyKdeGoeCms91rXikZSqvg2ktEBhQNfnZOnUI7aIDNY4YA6FB5hiN920mss3CP0CFbdPTx8e9T2wqVLYU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84d12c2d288a0473-CDG
81D0EA2F097268FF1B36B08EB2C852313F8741135400716E24A77047660B4D70ADDD46F8C779075EBA74C35BADD103A1536E2B79C4165C5F97E3BBF43DE1B94D
assets.ad4m.at/ Frame A1A7
26 KB
27 KB
Image
General
Full URL
https://assets.ad4m.at/81D0EA2F097268FF1B36B08EB2C852313F8741135400716E24A77047660B4D70ADDD46F8C779075EBA74C35BADD103A1536E2B79C4165C5F97E3BBF43DE1B94D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b8c4c304be3320fd41260be7e00fcd381499e76bb239e397894c752de77378

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361308
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
26868
cf-bgj
imgq:85,h2pri
last-modified
Thu, 25 Jan 2024 07:07:40 GMT
server
cloudflare
etag
"77192cebc3b4c3fd3021020869d3f21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yT%2F7fXtrzNBdWD221GxK4ItoYmp5pylmmilFi350JlTWVBAGPxzXwTjch1ESddbhXKbYpNjFZrw9qSyF6KFBGWrBzyFJdcXNdI4zAV51mlRJ5f2Ei7q347uyphsGh2DRs1ZfERc2ZW7OcCLr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84d12c2d288d0473-CDG
149646259CA8066E3A5A1207099A3908FFC09C7F3C37D08239EBB31C54261A1AA538674E4B4B5FCD4DA08A54257FBFA258B76FD5730F0A2AA38B475B76139C0D
assets.ad4m.at/logo/ Frame A1A7
10 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/logo/149646259CA8066E3A5A1207099A3908FFC09C7F3C37D08239EBB31C54261A1AA538674E4B4B5FCD4DA08A54257FBFA258B76FD5730F0A2AA38B475B76139C0D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4c250889658504fa7c1310fafac388d451a64a892e513f59ce06e674c97c248

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
412348
cf-polished
qual=85, origFmt=jpeg, origSize=13707
alt-svc
h3=":443"; ma=86400
content-length
10590
cf-bgj
imgq:85,h2pri
last-modified
Wed, 17 Jan 2024 11:18:17 GMT
server
cloudflare
etag
"1985b922682a33888f9b706dac737fa1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xo47s%2FT3MILYeb2QCqfCa9Yd7tu9nVRk%2FWzdKjdLd%2F3D0jb2hVcG%2Bxrd0ly%2FQ9qboVb88cIjCsfAFSnuveIZkA3OQcOeXAZBtLd5vy8BLJlmJVH47IVQLClBg%2BzjgZI%2BwkTZgq1XzGORj%2FjF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84d12c2d28880473-CDG
3CD9607E38BBEBC0B44B02CAD49743E6046C5C260EA9087D2C3577050E5BBCE2E677FF4ED378DC79EBFF8A275E11CCA64B1E99069C3E9A6474D12F511AF46D79
assets.ad4m.at/ Frame A1A7
34 KB
34 KB
Image
General
Full URL
https://assets.ad4m.at/3CD9607E38BBEBC0B44B02CAD49743E6046C5C260EA9087D2C3577050E5BBCE2E677FF4ED378DC79EBFF8A275E11CCA64B1E99069C3E9A6474D12F511AF46D79
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538d3a7186d87e07c88995d57d82c1045c1414f8629ffb877f9a2d0808bfb853

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
477760
cf-polished
qual=85, origFmt=jpeg, origSize=35298
alt-svc
h3=":443"; ma=86400
content-length
34656
cf-bgj
imgq:85,h2pri
last-modified
Wed, 17 Jan 2024 11:26:50 GMT
server
cloudflare
etag
"ce8c7e28cd2ee5414cebb73094b58342"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iB8e7qEMLmNfOOdznleNitd0hvNkMzBzRj2FLzzgH7HMRXV4Ax5jN6U588MajvW4wMVQJQshFCg1UMkgvkkKGu7l%2FRsdX75zajuGpCdKKSyOrcVX%2BEdHGBQ9ZxLEKTh1yfShlvEAuWHM%2BdEg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84d12c2d28900473-CDG
cshow.php
www.awin1.com/ Frame A1A7
43 B
705 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=3451205&v=41900&q=460534&r=412871&pv=1&pref3=oneid3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCdoneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 11:35:35 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
magnifying.png
bitporno.de/images/ Frame 490D
481 B
695 B
Image
General
Full URL
https://bitporno.de/images/magnifying.png
Requested by
Host: bitporno.de
URL: https://bitporno.de/assets/layout.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1bebd77ee7e02febbc489525e4cbfc1336f8ee18629a41ee4d2593b49591eed6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://bitporno.de/assets/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:49:31 GMT
server
nginx
etag
"657e459b-1e1"
content-type
image/png
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
481
expires
Tue, 28 Jan 2025 11:35:35 GMT
opensans.woff2
bitporno.de/css/opensans/ Frame 490D
15 KB
15 KB
Font
General
Full URL
https://bitporno.de/css/opensans/opensans.woff2
Requested by
Host: bitporno.de
URL: https://bitporno.de/assets/opensans.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Request headers

Referer
https://bitporno.de/assets/opensans.css
Origin
https://bitporno.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:52 GMT
server
nginx
etag
"657e4574-3cd4"
content-type
font/woff2
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15572
expires
Tue, 28 Jan 2025 11:35:35 GMT
opensans-light.woff2
bitporno.de/css/opensans/ Frame 490D
16 KB
16 KB
Font
General
Full URL
https://bitporno.de/css/opensans/opensans-light.woff2
Requested by
Host: bitporno.de
URL: https://bitporno.de/assets/opensans.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2

Request headers

Referer
https://bitporno.de/assets/opensans.css
Origin
https://bitporno.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:52 GMT
server
nginx
etag
"657e4574-3f18"
content-type
font/woff2
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
16152
expires
Tue, 28 Jan 2025 11:35:35 GMT
opensans-bold.woff2
bitporno.de/css/opensans/ Frame 490D
16 KB
16 KB
Font
General
Full URL
https://bitporno.de/css/opensans/opensans-bold.woff2
Requested by
Host: bitporno.de
URL: https://bitporno.de/assets/opensans.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

Request headers

Referer
https://bitporno.de/assets/opensans.css
Origin
https://bitporno.de
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:48:52 GMT
server
nginx
etag
"657e4574-3f94"
content-type
font/woff2
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
16276
expires
Tue, 28 Jan 2025 11:35:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 884A
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWIA5wwCCiZ_PqF-f0nT7OpNOHfrMLtl9Tayuz5dBRywGETGLA8kh6KRSi5CbYV5w24bab_9BUsh0BoGD3sjxWm4180BtYuEhQrJo8Z-cHES5i4sKo3JkdmtVaDzO-3uCx8mDjBbinV8u8f7k9Mju-QofQrzK2QBwW32VkWdfhH-cc8_nQ
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame F813
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 10:29:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame F813
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
85278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 11:54:17 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F813
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
344478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 11:54:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F813
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 21:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
52170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 21:06:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F813
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
42818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F813
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 11:35:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F813
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cz20F49wqxJ1OmwoNYp_cDgxiL9otbC2bsTlKulgFe5xSLqP-38__t8ZVsvav8EDb6qrQkBeLokupTDKaRjULVOy50z0w3P4f7PeAJD3-aE2ysBDY
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13820531351744016112
s0.2mdn.net/simgad/ Frame F813
2 MB
2 MB
Image
General
Full URL
https://s0.2mdn.net/simgad/13820531351744016112
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33db468176c7584362ee0201b08118a53b5679f9953195323eed119843941795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 01:39:20 GMT
date
Wed, 24 Jan 2024 01:39:20 GMT
x-content-type-options
nosniff
age
467775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2201517
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 14:41:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pixel
googleads.g.doubleclick.net/xbbe/ Frame C504
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWQGFOniAOJiLyJDOPXG4NCVsDw0HDwVYzn0RYp--ZGcDAanorlSL9Y5EZPhT-aZeBFFmpFsvUe76QzglsWuMLO5bRoTi9_dUxpJt6pBmAW8HV1iSZP1Ja7mH_I1AvuTBf-Gbjsk7TRRCRGZu9x1a7J03njVujP-y4XIFQJotxKLXdHMC4
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
13820531351744016112
s0.2mdn.net/simgad/ Frame 28DC
2 MB
2 MB
Image
General
Full URL
https://s0.2mdn.net/simgad/13820531351744016112
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33db468176c7584362ee0201b08118a53b5679f9953195323eed119843941795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 01:39:20 GMT
date
Wed, 24 Jan 2024 01:39:20 GMT
x-content-type-options
nosniff
age
467775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2201517
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 14:41:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 28DC
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 10:29:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 28DC
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
85278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 11:54:17 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 28DC
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
344478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 11:54:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 28DC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 21:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
52170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 21:06:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 28DC
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
42818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 28DC
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 11:35:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28DC
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLf5gnpMZfJUMIQKGSVQ1fZF7aEHj-wMaKLbPPxsdStS82gPDMPCTGqHDRSU5FyahLUwKLVr4beuGoJJJxx3HCutFx4VrZhd4b5oNEUSFnaN0wxDs
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 742D
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYp5SZ9AEwAQ&v=APEucNV8ZChv_SVMWmvxB22mUK7PJkhQ6RcyJ6Unk5zuBaoqja1QXMnMBjiFTkGAOKdvRW56UNu0pCiTybk62P72Q2zOrYmDSj55EWMriS9c7IYbtQXiqISYcjS335uza7OLD0x8KQ3YGJ_5lFEGrwWvrzSK34M4PvN1YtwoAhDJHmviHcGDGeU
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 11:35:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame A1A9
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 10:29:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame A1A9
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
85278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 11:54:17 GMT
view
ad.doubleclick.net/pcs/ Frame A1A9
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvVW2_oy7dDIzpm9TU7qdBjOCyIyUHKIBXO_YbQLB3aK_XmI03NwKiNwPichWKZG2x7I57ZKnL0SrpbUorRAzy0v2dv6Kf0oUUYAbSGOkjdX8tH1kEa8Q84Mj7CcF-QB6kmMs9xHdliJkUNgP0VCAyoRpby1UzXXG9-iDYcirABBewYV9zfQhhbNF5ghduYQ9pTUf7tcpi1K-EogvUuNBR01rzdZh7XtlmLFAQ8rbAfcUnARx2YvAXYEX6JE8HqSBBwPt3-5UjVtFECkaaA3pL81iwZn4hFQ3k0K6ByFQjGpIQEro7_4ZKbOwzSBQOKoxw3-iHAGfrGbm-G9CYOcb1Vy8Hng9AIICnytFN8wpWT3zJMXUMo7P_qX8IuNlQjfwMHRgsxV9MuqYKEZlTOGlH8cC7AEyRNQquyYE-9YixEVeP388M3SV7BP2FiJpzpudX1thCNOx0EKULztV6_cAAPy6gzPpJvQjJYO-MAajjKuQ64v4Iea-9VCkl5wYuxmG9OyLcmN9qTJo86gaF8bcwM41KZCC27Wz1c4qRonlQ3qAg4pk4EkUAO2T-Qz8rqW3lcFs8bonk-mRLc86nB-AbwRntlTbYtHcVikaLk1fRfaYoM_L81e_RjkalbxZEa5_4W_V3VIeyJC0RdX9oh7Sde0DFpvJVTV2grLnHxRgMBremt-W92ziflrhRWvJPUSSEepTlIV_uKxlVtzu26VjvtDzN5ZM-sNBZO1cfhxLAM1zJR_ZSF8N2KxaoYCH-zR9Gxb2ApwTQ6IsYroFomjsMk6QcFeRY-4p-ZkGjaTneqJvy8eWf49UO0wBBEJSxxOTB9bJObQB-g7F2F7zVfw9FRK4a3yUfM5xp9eRIM7p7CIac0Q5svPDiKocH2g5D-eCxPmQfPRUvyGgAPcZOtKWiiutm-UiwOVPOJcZwC1yJjpFrBYsgm0gOcfv5Jfmm6RmbLQEgO6LkYTAxSq2kGZJqkRMP23wyKlMccNtVW4K_KRr5UVWBm5fXe1dx4exbZrV7VL1u6ioFd_xNUZjuwKE-hJt0h0mSQJdhQgQRjkRNspIZL-nWxxfM19laPtcMzKPYaf8UDoBW3Le0n4l2-_duWkjlPtXD6k3l7igoUyJVojJk5QWhBbnlaxHpvWp6MiG6ME-HRfxgs2BiDheiRQIXwzjuWMEtpgMeEWiGBHBmxD3D74fwP3Yn1HX_J-4ECLoOorzOHY55_HfsD0nOjilnLFVIrKUZKDTaRGhEEz28rLaG7pj3REvKgOit8txS6plYtY1S2lT0Rk0sjI7zIf_Zr1EJpVRpoL-oIbsSA0p7GqwNptZOXrSCaqwM&sai=AMfl-YSuYkjI0farkPV47LZdI2E8LCYifOHtIpe6SQ3F-2jQcNvzZAife1ifGu4zbYvlBkm7QU_1qbcpFJ2xTIfM43Qv7ylHTYy84YDQeR0_GpaLSHZzkQsS9z9ijPLuNMUJ067L4A2Ab2pjzP8kunxTNpjdlw_Mbh2Oea7N9Hi2yOhhzVjW2JzjFc7ck1D-ObM_0D4k1jNM5CxxU8tkooJ_umrv1patrAZQOAQpOewG5g59H1uPbKuNYhkDZ_VHQxDipkP86mS2V_rFoVShtbuRv2ilXGQ-71KjK6iV57ixHk4I-GXg2yBvowTDD1CzYDBOcQ_GkHtPpF9MLOsplEeknjtSs-bdRI4bsx2a77gMLNr9kmmkhsqLelcZm3znf7dWqAUe7_wZG1iC39UtBFbS0Vqba3NFkmBZQZy62QRtuPylnTMlqd04jLicVsMPxGjqw-FBHdEN6OxsIab8st0h9wRJje0draG9Ug-Rxn31qBIHk0OYpJBTwN_xSmnCrjF1m1ClfxzRG9v4Aw&sig=Cg0ArKJSzC1QJmGTbHg8EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.32883&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A1A9
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
344478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 11:54:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame A1A9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 21:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
52170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 21:06:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame A1A9
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
42818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A1A9
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 11:35:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1A9
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Az4OxdfDaWyrbJZzb4WjxxlWkKs1p3jqjslWFjLs-pY6DvqUo2zwFOs-mCQyapa1aJbUErX9lgKlWlTs3H0H0IqBMtIIutOEP2dMh3ftg4664dhZw
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4542994059467071373
s0.2mdn.net/simgad/ Frame A1A9
40 KB
41 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/4542994059467071373
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e56ee982dae9d74289b3b2e2ff2ed5ed11e63f650fd4b32b6e752d3e9ac0c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 19:12:22 GMT
date
Tue, 23 Jan 2024 19:12:22 GMT
x-content-type-options
nosniff
age
490993
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41356
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 14:17:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
link.html
track.webgains.com/ Frame A1A7
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gmqcfps234et0b00kxa898y6fz6p7xkasrma2kv7ht2ssxdcsx9v4r94zrzcbr3yjnhtw1p69pn1135xraqf111av9qr8h6kr43z6fdv3rte9mnzbmss7haa4xps1zjxjmhw2fsycx8zrgyx11d2709qbnkk71h04wzvsz13018zfj9hgvknjakvmdr7j1v2sbj09z9nth73yc94jyga3f5z4qempfysq0s4knd6pj93h57ta0jfhd5qdjcbd1beb0yw08%26a%3D&clickref=oneidwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5oneid__Influencer_TT_advancedad_300x250&viewref=oneid1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcAoneid__Influencer_TT_advancedad_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.158.88 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-158-88.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
a0e3da3ed45092c28472ed34cd0cb5d07b2288bf8b99bae0ae010d1827ed69bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Mon, 29 Jan 2024 11:35:35 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 29 Jan 2024 11:36:35 GMT
rum
dsum-sec.casalemedia.com/ Frame 884A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
43 B
554 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWIA5wwCCiZ_PqF-f0nT7OpNOHfrMLtl9Tayuz5dBRywGETGLA8kh6KRSi5CbYV5w24bab_9BUsh0BoGD3sjxWm4180BtYuEhQrJo8Z-cHES5i4sKo3JkdmtVaDzO-3uCx8mDjBbinV8u8f7k9Mju-QofQrzK2QBwW32VkWdfhH-cc8_nQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYzQECO8ZNMom4TvtcasqBowlb9SNQBv%2BlLE2CKK5TSWL58%2BTEKKVC5fa37BYnQsFIsmx%2BJKid69zaU8ZQstf9XcdofJgLULQ8ENoa9gmc%2FA6YSPXzGpqYI52cDjAR3e34aSTef4l1Gqgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d12c300e8f3a44-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 884A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbeNh2t3o9llTqUclAm.zwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1&google_hm=2
43 B
770 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWIA5wwCCiZ_PqF-f0nT7OpNOHfrMLtl9Tayuz5dBRywGETGLA8kh6KRSi5CbYV5w24bab_9BUsh0BoGD3sjxWm4180BtYuEhQrJo8Z-cHES5i4sKo3JkdmtVaDzO-3uCx8mDjBbinV8u8f7k9Mju-QofQrzK2QBwW32VkWdfhH-cc8_nQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cc30SaSi1Vd%2FzOTk7NMXFYvuk71G8xzZZfvEkKvkiVGIkVUgujMHHIr%2FeIy%2F8REfk9jwUJ8wtJh2SBMcCLro54KWgWvfHj3lmDXfjL8RmDXRS3XTWQP6u4ElN2DRBbIrdQaJ10qxWM2JDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d12c309c24697f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 884A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOAGI1RjncTzOsVioXEJAQU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWIA5wwCCiZ_PqF-f0nT7OpNOHfrMLtl9Tayuz5dBRywGETGLA8kh6KRSi5CbYV5w24bab_9BUsh0BoGD3sjxWm4180BtYuEhQrJo8Z-cHES5i4sKo3JkdmtVaDzO-3uCx8mDjBbinV8u8f7k9Mju-QofQrzK2QBwW32VkWdfhH-cc8_nQ
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
4723dd2d-c94d-4213-9796-56f938511c3d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
7f6836d2-aa1d-460e-b7f6-f6f7d4c7c349
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 884A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWIA5wwCCiZ_PqF-f0nT7OpNOHfrMLtl9Tayuz5dBRywGETGLA8kh6KRSi5CbYV5w24bab_9BUsh0BoGD3sjxWm4180BtYuEhQrJo8Z-cHES5i4sKo3JkdmtVaDzO-3uCx8mDjBbinV8u8f7k9Mju-QofQrzK2QBwW32VkWdfhH-cc8_nQ
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
31057f0e-7099-4cee-a351-b0574152692b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
233.362b.c.css
consent.cookiefirst.com/banner/v2.14.6/static-main-no-autoblock/ Frame 86ED
127 B
881 B
Stylesheet
General
Full URL
https://consent.cookiefirst.com/banner/v2.14.6/static-main-no-autoblock/233.362b.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1082 /
Resource Hash
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cdn-edgestorageid
1080
cdn-storageserver
DE-167
cdn-cachedat
01/24/2024 08:56:50
cdn-pullzone
236985
content-length
127
visitor-location
FR
last-modified
Wed, 24 Jan 2024 08:56:49 GMT
server
Cookie First CDN-DE1-1082
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65b0d0d1-7f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
7352d22d34b4dfaf7deae6fa5234d3e3
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
233.8420.c.js
consent.cookiefirst.com/banner/v2.14.6/static-main-no-autoblock/ Frame 86ED
96 B
859 B
Script
General
Full URL
https://consent.cookiefirst.com/banner/v2.14.6/static-main-no-autoblock/233.8420.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1082 /
Resource Hash
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-663
cdn-cachedat
01/24/2024 08:56:50
cdn-pullzone
236985
content-length
96
visitor-location
FR
last-modified
Wed, 24 Jan 2024 08:56:49 GMT
server
Cookie First CDN-DE1-1082
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65b0d0d1-60"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
74a13e467dcf7dd3c1c5634e0231ccf0
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
rum
dsum-sec.casalemedia.com/ Frame C504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
43 B
421 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWQGFOniAOJiLyJDOPXG4NCVsDw0HDwVYzn0RYp--ZGcDAanorlSL9Y5EZPhT-aZeBFFmpFsvUe76QzglsWuMLO5bRoTi9_dUxpJt6pBmAW8HV1iSZP1Ja7mH_I1AvuTBf-Gbjsk7TRRCRGZu9x1a7J03njVujP-y4XIFQJotxKLXdHMC4
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nzf%2BTbdvNaqAi%2FG6O8AtD6F8EilunxjHcP6faj9fZ8MJODycj3r0sV2p0Zp0NqCW8OZ1B0K1s5wOKDxxs1Tjd8pY8GEF6sWNuIa2i9bm4Ua4WalNonnCRl9GEWuCyA5rZ9ioNYl7lHy1sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d12c300e903a44-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C504
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbeNhxo801NNq19dJP-kGAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWQGFOniAOJiLyJDOPXG4NCVsDw0HDwVYzn0RYp--ZGcDAanorlSL9Y5EZPhT-aZeBFFmpFsvUe76QzglsWuMLO5bRoTi9_dUxpJt6pBmAW8HV1iSZP1Ja7mH_I1AvuTBf-Gbjsk7TRRCRGZu9x1a7J03njVujP-y4XIFQJotxKLXdHMC4
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXp951hk1Qw6RGX1Ds6b%2F2hUlvt%2Bbjf5tZumZkCHSs0P62guQVlHU0HsmKjLG9OOILSKvCYGL4mphRe4RYq8AHMYoeKpwVr8RW8myBDUeyzJOvwFLeFk82mamwtJtoWjLMr18r%2BevfQ2bA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d12c30cc4e697f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame C504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOAGI1RjncTzOsVioXEJAQU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWQGFOniAOJiLyJDOPXG4NCVsDw0HDwVYzn0RYp--ZGcDAanorlSL9Y5EZPhT-aZeBFFmpFsvUe76QzglsWuMLO5bRoTi9_dUxpJt6pBmAW8HV1iSZP1Ja7mH_I1AvuTBf-Gbjsk7TRRCRGZu9x1a7J03njVujP-y4XIFQJotxKLXdHMC4
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
291d5fd2-8a90-4c9b-8060-c23a5dca81e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
22901a21-224d-4077-aaa9-07c3388db460
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C504
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNWQGFOniAOJiLyJDOPXG4NCVsDw0HDwVYzn0RYp--ZGcDAanorlSL9Y5EZPhT-aZeBFFmpFsvUe76QzglsWuMLO5bRoTi9_dUxpJt6pBmAW8HV1iSZP1Ja7mH_I1AvuTBf-Gbjsk7TRRCRGZu9x1a7J03njVujP-y4XIFQJotxKLXdHMC4
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
5b65faee-0027-44fd-a3f0-8d7c0b4dccbe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 742D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
43 B
335 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYp5SZ9AEwAQ&v=APEucNV8ZChv_SVMWmvxB22mUK7PJkhQ6RcyJ6Unk5zuBaoqja1QXMnMBjiFTkGAOKdvRW56UNu0pCiTybk62P72Q2zOrYmDSj55EWMriS9c7IYbtQXiqISYcjS335uza7OLD0x8KQ3YGJ_5lFEGrwWvrzSK34M4PvN1YtwoAhDJHmviHcGDGeU
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZexgBpz0Vpv4%2Ffu9O2wYuUm2OXFDnZK0BP8V%2FABP0IA4Fh1hhMM0BoAG2W8G0s34bn30125No9HB6cAk0LBHXiiwP7r1CKqkb8bJfDwOWL7ppSeDunJGp%2BWWEITeabedBa2Y5G0sPVhxyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d12c300e933a44-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 742D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbeNhxo801NNq19dJP-kGAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYp5SZ9AEwAQ&v=APEucNV8ZChv_SVMWmvxB22mUK7PJkhQ6RcyJ6Unk5zuBaoqja1QXMnMBjiFTkGAOKdvRW56UNu0pCiTybk62P72Q2zOrYmDSj55EWMriS9c7IYbtQXiqISYcjS335uza7OLD0x8KQ3YGJ_5lFEGrwWvrzSK34M4PvN1YtwoAhDJHmviHcGDGeU
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP%2FZ8ctgJZyRAhbbz2C4fqMkjC%2F9wJbp6lrcKEnh4NjJRkygwvLQ7thCri4gdF0bnSwBJc%2FX%2BvgiDU1jFD8Yda0A2VO%2BhmmWFzvM7nye%2F7h0%2Fmm9MMoADxbMWhd1KTzCPkZVAkdKazq4oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d12c30cc4c697f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBLIN52CYucWP4zbKoakwCc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 742D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOAGI1RjncTzOsVioXEJAQU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYp5SZ9AEwAQ&v=APEucNV8ZChv_SVMWmvxB22mUK7PJkhQ6RcyJ6Unk5zuBaoqja1QXMnMBjiFTkGAOKdvRW56UNu0pCiTybk62P72Q2zOrYmDSj55EWMriS9c7IYbtQXiqISYcjS335uza7OLD0x8KQ3YGJ_5lFEGrwWvrzSK34M4PvN1YtwoAhDJHmviHcGDGeU
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
f182a944-249f-4e46-b4c7-f7fc918cbf33
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
bc3d2f90-d2e6-46fa-87c3-f95afcc4671a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOAGI1RjncTzOsVioXEJAQU%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 742D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYp5SZ9AEwAQ&v=APEucNV8ZChv_SVMWmvxB22mUK7PJkhQ6RcyJ6Unk5zuBaoqja1QXMnMBjiFTkGAOKdvRW56UNu0pCiTybk62P72Q2zOrYmDSj55EWMriS9c7IYbtQXiqISYcjS335uza7OLD0x8KQ3YGJ_5lFEGrwWvrzSK34M4PvN1YtwoAhDJHmviHcGDGeU
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
an-x-request-uuid
a6271f4c-d681-4005-836d-c255350df068
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzMzAwMzkwMjI4MjU0NTM5Nw%3D%3D
x-proxy-origin
92.222.212.17; 92.222.212.17; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c-8a7bb10d2224764bb13a2f47d7db9ecd.png
grow-platform.tradedoubler.com/uploads/organizations/2367815/ Frame A1A7
Redirect Chain
  • https://imp.tradedoubler.com/imp?type(img)g(25525506)a(3040636)epi(oneidK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fqoneid__Influencer_TT_advancedad_300x250)549617024
  • https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png
167 KB
167 KB
Image
General
Full URL
https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Server
188.165.150.178 Les Lilas, France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash
29287f0ee27b9f865409fbc1a40b1d61b7a4fadb90b7c8c38165da62d04d3958
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 26 Oct 2023 14:44:00 GMT
server
nginx
etag
"653a7b30-29bb6"
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
content-length
170934
x-via-poph
replica1
expires
Mon, 29 Jan 2024 13:35:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
referrer-policy
origin
server
TXServerHttp
content-type
text/html; charset=ISO-8859-1
location
https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png
access-control-allow-origin
*
cache-control
private, max-age=0
content-length
312
default.mp4
bitporno.de/ Frame 490D
32 KB
33 KB
Media
General
Full URL
https://bitporno.de/default.mp4
Requested by
Host: bitporno.de
URL: https://bitporno.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5304c232a3bbb68709a462a527c728f73c356f095fddc8970897a94c884711da

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Sun, 17 Dec 2023 00:46:10 GMT
server
nginx
etag
"657e44d2-8165"
content-type
video/mp4
Content-Range
bytes 0-33124/33125
cache-control
max-age=31536000, public, no-transform, max-age=31536000
Content-Length
33125
expires
Tue, 28 Jan 2025 11:35:35 GMT
vast
vast.yomeno.xyz/ Frame 490D
5 KB
4 KB
XHR
General
Full URL
https://vast.yomeno.xyz/vast?spot_id=484422
Requested by
Host: bitporno.de
URL: https://bitporno.de/player.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c4af77ef2821bd0a97760fd09ad351345be3cd2e10111759f304a0e7b770f390

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Accept-Encoding, *
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://bitporno.de
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
/
vast.yomeno.xyz/ Frame 490D
3 KB
2 KB
XHR
General
Full URL
https://vast.yomeno.xyz/?tcid=16279
Requested by
Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/vs/vs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
5cec734d0e7cda885d52e7a9a80fcba8aea44d5ef91f7c6678c024353c508203

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://bitporno.de
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
material.json
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/ Frame 690D
31 KB
32 KB
XHR
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/material.json
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/js/reader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
8eda3710ba11425b61205786e559b876e8e84db71fa40b263b4142c723b8f452
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
application/json, text/plain, */*
Referer
https://campaigns.milibris.com/
X-Session-Id
264cca8c558ac2a2
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:37 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:49 GMT
Server
nginx
X-cdnca01A
55; 253685.740; 7200.000
Age
9040
ETag
"e461b2aef9bbb7aba5dff460fe6fe242"
x-amz-server-side-encryption
AES256
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://campaigns.milibris.com
Access-Control-Allow-Credentials
true
X-frontA
6; 514874.106; 7200.000
Accept-Ranges
bytes
Content-Length
32238
material.json
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/ Frame
0
0
Preflight
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/material.json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-session-id
Access-Control-Request-Method
GET
Origin
https://campaigns.milibris.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Origin, Content-Type, X-req, X-Session-Id
Access-Control-Allow-Methods
GET,POST,OPTIONS,HEAD,PATCH,DELETE
Access-Control-Allow-Origin
*
Access-Control-Max-Age
31536000
Cache-Control
private
Content-Length
0
truncated
/ Frame 490D
478 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
464554e779bb3801af351fd2e13167ed80327d406f060d6547fc103165e3d523

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A1A9
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cb8ccc524ca731d711691d2cf0f83f03a18c6df4381ac5d805f76245e2931f7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DB5D
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
344478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 11:54:17 GMT
expires
Fri, 24 Jan 2025 11:54:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0DCA
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
344478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 11:54:17 GMT
expires
Fri, 24 Jan 2025 11:54:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AE90
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
344478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 11:54:17 GMT
expires
Fri, 24 Jan 2025 11:54:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ui-bg_flat_75_ffffff_40x100.png
bitporno.de/assets/images/ Frame 490D
548 B
548 B
Image
General
Full URL
https://bitporno.de/assets/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: bitporno.de
URL: https://bitporno.de/assets/jquery-ui.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://bitporno.de/assets/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
server
nginx
content-length
548
content-type
text/html
view
ad.doubleclick.net/pcs/ Frame A1A9
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvVW2_oy7dDIzpm9TU7qdBjOCyIyUHKIBXO_YbQLB3aK_XmI03NwKiNwPichWKZG2x7I57ZKnL0SrpbUorRAzy0v2dv6Kf0oUUYAbSGOkjdX8tH1kEa8Q84Mj7CcF-QB6kmMs9xHdliJkUNgP0VCAyoRpby1UzXXG9-iDYcirABBewYV9zfQhhbNF5ghduYQ9pTUf7tcpi1K-EogvUuNBR01rzdZh7XtlmLFAQ8rbAfcUnARx2YvAXYEX6JE8HqSBBwPt3-5UjVtFECkaaA3pL81iwZn4hFQ3k0K6ByFQjGpIQEro7_4ZKbOwzSBQOKoxw3-iHAGfrGbm-G9CYOcb1Vy8Hng9AIICnytFN8wpWT3zJMXUMo7P_qX8IuNlQjfwMHRgsxV9MuqYKEZlTOGlH8cC7AEyRNQquyYE-9YixEVeP388M3SV7BP2FiJpzpudX1thCNOx0EKULztV6_cAAPy6gzPpJvQjJYO-MAajjKuQ64v4Iea-9VCkl5wYuxmG9OyLcmN9qTJo86gaF8bcwM41KZCC27Wz1c4qRonlQ3qAg4pk4EkUAO2T-Qz8rqW3lcFs8bonk-mRLc86nB-AbwRntlTbYtHcVikaLk1fRfaYoM_L81e_RjkalbxZEa5_4W_V3VIeyJC0RdX9oh7Sde0DFpvJVTV2grLnHxRgMBremt-W92ziflrhRWvJPUSSEepTlIV_uKxlVtzu26VjvtDzN5ZM-sNBZO1cfhxLAM1zJR_ZSF8N2KxaoYCH-zR9Gxb2ApwTQ6IsYroFomjsMk6QcFeRY-4p-ZkGjaTneqJvy8eWf49UO0wBBEJSxxOTB9bJObQB-g7F2F7zVfw9FRK4a3yUfM5xp9eRIM7p7CIac0Q5svPDiKocH2g5D-eCxPmQfPRUvyGgAPcZOtKWiiutm-UiwOVPOJcZwC1yJjpFrBYsgm0gOcfv5Jfmm6RmbLQEgO6LkYTAxSq2kGZJqkRMP23wyKlMccNtVW4K_KRr5UVWBm5fXe1dx4exbZrV7VL1u6ioFd_xNUZjuwKE-hJt0h0mSQJdhQgQRjkRNspIZL-nWxxfM19laPtcMzKPYaf8UDoBW3Le0n4l2-_duWkjlPtXD6k3l7igoUyJVojJk5QWhBbnlaxHpvWp6MiG6ME-HRfxgs2BiDheiRQIXwzjuWMEtpgMeEWiGBHBmxD3D74fwP3Yn1HX_J-4ECLoOorzOHY55_HfsD0nOjilnLFVIrKUZKDTaRGhEEz28rLaG7pj3REvKgOit8txS6plYtY1S2lT0Rk0sjI7zIf_Zr1EJpVRpoL-oIbsSA0p7GqwNptZOXrSCaqwM&sai=AMfl-YSuYkjI0farkPV47LZdI2E8LCYifOHtIpe6SQ3F-2jQcNvzZAife1ifGu4zbYvlBkm7QU_1qbcpFJ2xTIfM43Qv7ylHTYy84YDQeR0_GpaLSHZzkQsS9z9ijPLuNMUJ067L4A2Ab2pjzP8kunxTNpjdlw_Mbh2Oea7N9Hi2yOhhzVjW2JzjFc7ck1D-ObM_0D4k1jNM5CxxU8tkooJ_umrv1patrAZQOAQpOewG5g59H1uPbKuNYhkDZ_VHQxDipkP86mS2V_rFoVShtbuRv2ilXGQ-71KjK6iV57ixHk4I-GXg2yBvowTDD1CzYDBOcQ_GkHtPpF9MLOsplEeknjtSs-bdRI4bsx2a77gMLNr9kmmkhsqLelcZm3znf7dWqAUe7_wZG1iC39UtBFbS0Vqba3NFkmBZQZy62QRtuPylnTMlqd04jLicVsMPxGjqw-FBHdEN6OxsIab8st0h9wRJje0draG9Ug-Rxn31qBIHk0OYpJBTwN_xSmnCrjF1m1ClfxzRG9v4Aw&sig=Cg0ArKJSzC1QJmGTbHg8EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=277&vt=11&dtpt=276&dett=2&cstd=0&cisv=r20240122.32883&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pvClk.min.js
analytics.webgains.io/ Frame A1A7
55 KB
19 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gmqcfps234et0b00kxa898y6fz6p7xkasrma2kv7ht2ssxdcsx9v4r94zrzcbr3yjnhtw1p69pn1135xraqf111av9qr8h6kr43z6fdv3rte9mnzbmss7haa4xps1zjxjmhw2fsycx8zrgyx11d2709qbnkk71h04wzvsz13018zfj9hgvknjakvmdr7j1v2sbj09z9nth73yc94jyga3f5z4qempfysq0s4knd6pj93h57ta0jfhd5qdjcbd1beb0yw08%26a%3D&clickref=oneidwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5oneid__Influencer_TT_advancedad_300x250&viewref=oneid1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcAoneid__Influencer_TT_advancedad_300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-89.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f757c1aa85f17bfbbbc91f88fecc3d5d7ec1ef4c12a2c48e548bcbfe62e8a731

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 05:29:03 GMT
content-encoding
gzip
via
1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jan 2024 12:21:17 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
50567
x-amz-server-side-encryption
AES256
etag
W/"d03a4b6e4f5237491989961fe4aef528"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
twq2GqW6AkHCtXnK5PSf25i7keaeTJ2lGjEAQdZODVSEEACNjqwlGQ==
1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png
cdn.track.production.webgains.team/265645/ Frame A1A7
4 KB
4 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/265645/1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png?Expires=1706528435&Signature=bl0Qys5U~IMqyoIwDCzhezampJysV3GA6Wmd4o7BAgfz-wcq2syMGi0HoLscflMOjs8GF3CcC2BCtRt9UoTuFiqdcfQVEfhTDREuSi2zqmqbEk0f~iY3bkwrW2ZY0ilYBGQTlCpAVtE311D99KSo4vu1~BM-jKyf8kAcX-zhxL6dLpBXgwhDSG9UEu03-W6l19yDp~p6TMjLFmxNJ1qX0x7qwvY-YvRwvPdwBjZYNrktSUUPPT8~kDhDlzvV6de4EG6wPWk-1a2lVn0SVpAPzmojtnOLqvAbsXLLtdnlMX0uMYlkGL4L8Q-PNcntSvLbUn3xvisJFFq0g431qhgVHw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C1668988%2C1692789&b=1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq%2C3r48Upf4fDbEXs7HrHAtEt2BxkHPSztKZwCd&f=wxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR%2CW7q8CrfdfKr9ZsYH5HjtDC5AJ6S3SwtVW6H2&c=300&d=250&e=&g=1fd375e0430694a794844951fbcc73a7%2F10432499810946170663&i=20597%2C294035%2C187702&j=21%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706528135045&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-69.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 29 Jan 2024 04:48:32 GMT
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Thu, 17 Aug 2023 14:30:16 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
24423
x-amz-server-side-encryption
AES256
etag
"47f1e003b9b074a403e5469f531658f2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3904
x-amz-cf-id
j6WqN2Ua9BQb0a_sIOZtggyOA_I5Y4V0oRuzJXxqgkbfw-6Yvck-BQ==
splash.php
s.magsrv.com/ Frame 490D
5 KB
4 KB
XHR
General
Full URL
https://s.magsrv.com/splash.php?idzone=5075902&sub=999044201&ad_tags=
Requested by
Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/vs/vs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
cb75e80cd8fb75d3633949a9957bfa6460bb27d1a6d6f6dc611c9d8c170512d3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:35 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://bitporno.de
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
X-CH-VALUES
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame DB5D
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Jan 2025 08:32:00 GMT
splash.php
s.magsrv.com/ Frame 490D
5 KB
4 KB
XHR
General
Full URL
https://s.magsrv.com/splash.php?idzone=5075902&sub=646630692&ad_tags=
Requested by
Host: bitporno.de
URL: https://bitporno.de/player.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4567b51bc54a2faa50d07f70c55d3e1c96bb0b8a6752310e3659e0cede3133c9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:35 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://bitporno.de
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
X-CH-VALUES
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 0DCA
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Jan 2025 08:32:00 GMT
sftouch
ak.whookroo.com/ Frame 1116
2 B
539 B
Ping
General
Full URL
https://ak.whookroo.com/sftouch?userId=c70bc50ab2ad47b98c9d4124d0d56eed&z=6600082&p_rid=b8b5086a-568f-48af-830c-3b6dfc538403&p_src=sf&branchId=0&rb=r9HRRBzA6-RIzzc4tWzIu-kIX0iEvqdZQIwZGmEC4KwecH78C-IQX00vk9Gu6jaKIWCsY4JnL512ed1Z_NQQQJyx0J5uFvGIw9iFMHA3Jz9ObkQzFg0u9dWTm49fsHhlbB4zT_26jWAYRhpYx_aeh2nnl34hQ9uLswE8GSyr_gPVGyxWvtRtkRt1NgopYPOXG72eLqcHFFa0L3AbaztY4GaZKboQY-yELm9aW3RgQia3FWl2wGdVf-D7B-HVCrdJ3gMBJpfLr26zwbUYMEeHiRNrb8Ic_uCp8clevA==
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.whookroo.com/4/6600082
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
5d03634624100ab0db17c536b6ecaaba
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.whookroo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Mon, 29 Jan 2024 11:35:35 GMT
img.gif
my.rtmark.net/ Frame 1116
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=c70bc50ab2ad47b98c9d4124d0d56eed&z=6600082&p_rid=b8b5086a-568f-48af-830c-3b6dfc538403&p_src=sf
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.whookroo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
sftouch
ak.whookroo.com/ Frame 30D2
2 B
539 B
Ping
General
Full URL
https://ak.whookroo.com/sftouch?userId=4e7d8f2b6a7c4c9abbe94937aa6f811c&z=6600082&p_rid=b4259d6d-5865-44b7-8f97-af4890af0859&p_src=sf&branchId=0&rb=RoI0FbOohkRFXNza9Qm6CtDoBqN5kH4otFhM7zyCvncKtZCZ5yo6mac94eCIl_uI3UoDle3r33kUhMcdKx2m3MP2U8wKg8dvJytcLrm8njh4uta9Tx4faNDFMTUUJRGo3wSeLUtJkt3o2YQ4EkSp6aCyIrlNyyskEVX5rxCBuZjfjCMd-EUJ96-az_LOP2aAb06yCqjpBPU8o4RvliSG1fDMgPRd441DAQkqApfKmVUvqpKHl2enwnV5d6nJxRfwK6rxx1H7r3k0oKtEQE4Yxrc_JBNXFkvuf76LTA==
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.whookroo.com/4/6600082
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
26e4e50c5f7f7b9699e90cda42188b22
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.whookroo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Mon, 29 Jan 2024 11:35:35 GMT
img.gif
my.rtmark.net/ Frame 30D2
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=4e7d8f2b6a7c4c9abbe94937aa6f811c&z=6600082&p_rid=b4259d6d-5865-44b7-8f97-af4890af0859&p_src=sf
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.whookroo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
sftouch
ak.whookroo.com/ Frame FE52
2 B
539 B
Ping
General
Full URL
https://ak.whookroo.com/sftouch?userId=8ecb9a878eab4eebb1b509b9a8d37cdc&z=6600082&p_rid=f812f9ce-765a-4b69-ae68-ff0a2e6a8475&p_src=sf&branchId=0&rb=LRwW8VhudYaBZRAv9dHbicV0-xdXqJCFNZfpUWwTYH2SRmYhsH4lha3LCtkWk-78rsX_p1wSgL_VcPLJ8QxNx5ZwCFcoJ6-E8VvllBQqzDtIPwWNbsKDQW0dzxT9t6OMYje2jkvTFWg62KI8Fii35Uwu0w2Y1nRZoDhfKlwyFzmBW5UvxrSsILtzOTeMbcBRH8VZ09mHRcE0KnRfFJMQvKQTBHPe602BSHnLUZCasvvTxzV0BoJD0Ke1R9LXZwEgF1zf8CBkQDrkn0kQG-hEVG1WtIe7LEssgnbUkg==
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.whookroo.com/4/6600082
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Mon, 29 Jan 2024 11:35:35 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
e6405ff0827f4bc6d7c18fbd2c94c74a
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.whookroo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Mon, 29 Jan 2024 11:35:35 GMT
img.gif
my.rtmark.net/ Frame FE52
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=8ecb9a878eab4eebb1b509b9a8d37cdc&z=6600082&p_rid=f812f9ce-765a-4b69-ae68-ff0a2e6a8475&p_src=sf
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.whookroo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:35 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame AE90
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Jan 2025 08:32:00 GMT
/
offmantiner.com/4/6120639/ Frame 4515
32 KB
14 KB
Document
General
Full URL
https://offmantiner.com/4/6120639/
Requested by
Host: becast.onionlive.workers.dev
URL: https://becast.onionlive.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
106e66b12731a17a035beaadac3fc923237a48510b4fe694e846da68a5e343f9

Request headers

Referer
https://becast.onionlive.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 29 Jan 2024 11:35:35 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
f6028e3f8586870115454e65fb0efb20
add
datatechone.com/log/ Frame 1116
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=a97b698f-fc00-4834-99bb-73547ad0c3ae
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ak.whookroo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.whookroo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
add
datatechone.com/log/ Frame 30D2
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d210edca-e078-4571-ac85-41b87806d57e
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ak.whookroo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.whookroo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
add
datatechone.com/log/ Frame FE52
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9a6900fa-85b2-4d8d-9630-96e0281d707f
Requested by
Host: ak.whookroo.com
URL: https://ak.whookroo.com/4/6600082
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ak.whookroo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.whookroo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
truncated
/ Frame F813
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59c57df5a8d966619ecdf842d530daf1ef23fd07e86ae03a655c648a8e18055c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
vast
go.mnaspm.com/api/models/ Frame 490D
Redirect Chain
  • https://go.mnaspm.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=opc7gmbqpbKrpZ3XSzVy...
  • https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca29...
2 KB
1 KB
XHR
General
Full URL
https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&duration=00%3A00%3A30&iterationId=812424&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOrprrolrunc5zpXSuldK6V0rpXSuldNZLXVPbNRU6iem3ee6qzSzSninaqq67TOquXifefPTNwfYA-&mlView=1&p1=6294502&ruleId=339&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=5075902&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4b968b4b17104f58619547ca23b6e51fb36a357c7fd55acb5989f69e3cbb450

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://bitporno.de
access-control-allow-credentials
true
cf-ray
84d12c32f937d2e1-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 Jan 2024 11:35:36 GMT
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
location
https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&duration=00%3A00%3A30&iterationId=812424&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOrprrolrunc5zpXSuldK6V0rpXSuldNZLXVPbNRU6iem3ee6qzSzSninaqq67TOquXifefPTNwfYA-&mlView=1&p1=6294502&ruleId=339&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=5075902&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
access-control-allow-origin
https://bitporno.de
access-control-allow-credentials
true
cf-ray
84d12c3248d4d2e1-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
content-length
0
alt-svc
h3=":443"; ma=86400
vast
go.mnaspm.com/api/models/ Frame 490D
Redirect Chain
  • https://go.mnaspm.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=opc7gmbqpbKrpZ3XSzVy...
  • https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca29...
2 KB
1 KB
XHR
General
Full URL
https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&duration=00%3A00%3A30&iterationId=812424&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSuldNZLXVPbNRU6vay3WbjOXOaqbOeyji3fTeWmie2i7bi5wfYA-&mlView=1&p1=6294502&ruleId=339&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=5075902&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406e05680bfcb14ec64f31571ff3f8b8977cb997d4668179fbb8fb40560ba4a0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://bitporno.de
access-control-allow-credentials
true
cf-ray
84d12c32f9aa2a3d-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 Jan 2024 11:35:36 GMT
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
location
https://go.mnaspm.com/api/models/vast?action=sbSignupWithModel&ax=0&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&duration=00%3A00%3A30&iterationId=812424&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSuldNZLXVPbNRU6vay3WbjOXOaqbOeyji3fTeWmie2i7bi5wfYA-&mlView=1&p1=6294502&ruleId=339&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=5075902&usePreroll=true&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
access-control-allow-origin
https://bitporno.de
access-control-allow-credentials
true
cf-ray
84d12c3248f52a3d-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
content-length
0
alt-svc
h3=":443"; ma=86400
truncated
/ Frame 28DC
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1cabad8f808c9dbeaaed4ed2bb79519c5a0b441956a485a02a9c046013f88df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame F813
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=58&version=r20240122&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame F813
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvPkjpakH52I5y6ZTNnF3mz93srQHAjacI8HcUIEDjpZS93_PEMqKPD66v8zTKwXEZOa3e_N4dDsyEqOqM7xqloqcag3HDsORSYjvGtj_oegTAv74gTWlooGAjDiVbsOCFvC9WS-w09iswlePx_EawNnYgnjpdLz_4YbZ_8y2ZIKSj1S__CCnWw5d1YAyrKMuQU7fZseM9dYwrfL5xX0l1agoqoRE64-2sBz9I5v6xr5Eb0go1cb7dao5cSMQjYF4UsGrGPwKntJCFIxYSDJj27pBG52EC97dkZ40n74XuDJK65HrIuC6AWCGITjPZp3pKqin12QAO3zDz5p9bj_bQaZ2SGr6UZOX_QZG0pmVYphdD74eb3ZMUMYiC3ONhABhRhuPb5JdVh_U6923fWTJe2k_JV0AFZHTkBNI7P_eYI_auy1QJb6_6xNvcHmgUAmwMi_e7_c_wuVEkwlPD08JoWuFTxPKegJQJ8y2cYg5F-DDI0HCiQQeJHIUvsBJkeb81q6YmhFNOgTVk55XU1Hxuxm6JfQxJ1J28Npl4GRpbO3NKHX1FHL8SwCAqIa414aUbjvDFSTxjbFDbg7xvoTluF4qpXkE8dyDnYVcRmt6eImdQlxWbvmInjbhOjU4BAjOJqwnzm12V87-zApFok0ThjUVILEJKIPK9_hFXUfV2m_6ADDYSK4tkgvVPOReg0WgCrNzLYUrhFhQ5yQ7t_5gUM5HqFziZk1afahY9cLxgfgliKiEWublr62MRky_C7HfYYJ2t6lt4rCmdmeDUSUt05QhmLMOyJm3mUoi0Hu-7KZOl4QsjGbwQY3wKXvPFU6VKFsa-nB-AT2wNvwIXApefcYu6X4jb18j4vHg6Ze1m1b0rIkneQPFfw1OYZkE8fa1fBa1fNLAGkzgSDPLJXvSFQxxMatSnYMi4s-iWf1Z1R9mRdGOqt-nkfntxHaChBk4YkPdvJCSR0mK8XclFsalyfkg38wqfxVOTv3acSyKI5hDGUk8HIY63zzWoCNlF5W3XNg9CGZsF2FpWdraVoWHAHrBjAq-t5CDD6zL8RFaUXfrK8bwQNeZOTsMFBGz32rnXApVHB-dkwMNTg8XwV9Ozw3ulGqkWnx489HbCwV713yQ2XZoQv2G3_zr1kZni6xk4VXlBeAK5HjeAYTbUgz8KTJbr_9Ld38Vf9U5-JlvFMd-2xO6aMl-JyJ3Xo67UxQC-aYK2XILT8-dhosDdSHrJGtpOV8MO_vSE4bQ5eV4hDdgID10RR1_cr--sURZoim-g57gomHFK5jAi1I2-HoJP9YaxRPSEaGxR-5o7wELXO3hVvgHA&sai=AMfl-YTkBj1WmeNp9TFeBsNdu_a1y0EHQrUMf65qpQdXj-8b1FySsM3YmrhSldqUAZpkw8o4hPX5VSxUuysdBKxJYyrRUgPkRByB7KMeOuHEpjQK0PzUoFKPgCAjskV1_dpJSk0py2Mm819zYq3xOPqzTaPcefWqlIzh2qjZyDI1k_jlGBSMpDop4XNftvMoMat76eBVqQL9e2Zdmj7R1taG-B62fM1Kd-CGEcuBQ7DCYEtEVdnHNazwvMKe1DJ8O2R-Dt4COVOx7PurxPA3_JQ07el17sy446oZjfdNFA0FQ1Tnx5PWASYrQW7Bbz_k7DM5cRWWVKcK81bmy86T2hOX00Dp43nc1PJ-H40bvfeSuq1aWv8kEn5pAIoyeFjXh3UsZ5oHuZd04EhjBO335SCY0GUZ9zNUrF4tV8bsE9HDaQvKTMplCSxuwvtFutIaWx_j0VGGa-5JfIZCAdZPEM25vI1Fj2AA7nnVnUHRzsSTJ41iyBsGx-FmwZeTfeyvPI0FrVpIH9E0j1wJRg&sig=Cg0ArKJSzAbnxQpVEbfqEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=680&cbvp=2&dett=2&cstd=0&cisv=r20240122.49825&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 29 Jan 2024 11:35:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 29 Jan 2024 11:35:36 GMT
truncated
/ Frame 62E0
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=OxjUqxg*ves_0&ci=-6215771495585878220&t=1065835609&h=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
sftouch
offmantiner.com/ Frame 4515
2 B
611 B
Ping
General
Full URL
https://offmantiner.com/sftouch?userId=0a9a3b13ab0447eabb79d7b39c89f3d2&z=6120639&p_rid=8edf84fe-3468-426d-8d46-e3126eafb8b9&p_src=sf&branchId=0&rb=FLf1ZnqFoweMbjCozKKtSCrg4CjONLRuF-xrmFRFWJMvNaKbGyjbAiaNcsyngfYzp7ZDT9TINXhWEbo5M_S2FQ_3WcuoTr1XEqYXj0iaCWkNeiAZDMd1MTx4U5US71YTXMi-GCLKpJJS3p2y4i9XoIGVTfm-qy8YmIqFc2vt9mT15NMcXvoTQUXoqTC-Ca8u1OoYvyg8MmWGnWa9LUXUj3BBYB83eWHq-3RfZvRvdTeGPfOOPmVDEFKMmKawvo9GvV5avPYb6jiNppWmc6cojrgp27cqt8AXeh2mNzQByrvRIvr4EGjzNIG5V9Jnh_zEDahr2q6BwGuaZ1FEcCbv3N9hnMs=
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://offmantiner.com/4/6120639/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
4819dfcd32879778e64fdfe4a759a2b2
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://offmantiner.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ Frame 4515
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0a9a3b13ab0447eabb79d7b39c89f3d2&z=6120639&p_rid=8edf84fe-3468-426d-8d46-e3126eafb8b9&p_src=sf
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://offmantiner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
view
ad.doubleclick.net/pcs/ Frame 28DC
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuG2PoWJsr82dAs1qEJdUFXsKWwjU3TT20ryHlb4GN7nYhYvduxlX3BIH3nXnXi-Pa2x1kHA8WefgHLVinnHmbTA1rV6MxXdP3e-fhlF6Yk9sVfZvncCz7dq8NRM0wAvCtkpIIAW2zqLHjRMSI-W66PNH61QVKnp7kI1T4NdxvmrpeU-H13k-yHbQSJsI_cEc4cnlmZ3jw-9ypHZAMAnvPlR2hnCSC3XWjarWuu0li08Kzua2QkHHAv_WihzzpZnTAHEOiqR9PmvcN_MiIAEvOwzoNMt4E542v7soa6XdWe7Vozn0tularWO0MROnVK5rPPnhfyyY8oo0hBbS1Uthdii-hGfVZORaWTocnROHQ8e30azm1I2eFVP5mxStyFHAt2pNE9AHFYn0YIJ58B288R2I4PJOpPdV9x02ocAJhqED8JQD5y3Gn4WEjBlFyPR6BDYP0ji0WU67OGXvKYKla7_iUCC8sZXaccwc_kXYxBgFeFudhyZK8tdpEOyKedkQT5hWBGmswLlGodzW_ILF9HimU__ZFBFcht2OqqZuA87MK3uLxhGDzalH-OB7PxdbZqfT5MbF37NYq9B7aZgimOPkGTVXSoJUtxMZWMQSvg1eDvO2emFdiATJ6UrmDpTre_OjqP79s4JN1J8cvTU6WDyKlZdu2pj1Wp9HgDPAUilgf5i632L3W8ufNCK9bfm9ckQ3PtGseZrIGYC7AYNdak2tJQ2zW7sQwKo-x01Iw_KQjMTLHYhhmRlJs6JrhIenP_6eyFSNqfcZ2Wz0J8MrX5h68ACB8kPx7yBR4z-uxu9m3EHlA600lkOTcw0CkL0qV9tSSdgNo8rjr9UC4IhAf3NUD4lm0DqGARF9rgUClFEaqwIDijoEOIOjb264xtsT61tW1maJM-Ms2ncU7GqSA_F3HNypY_mqV_qiPXD6g-xESwdJwHZNbNkqNB3iADAoPbF_qmQ2dbzYhTEgcNdxe66ceh4-P8YrTuHLye2hRe0bvrUGEYHoVOnUVJ8ST9oJc_0uUIBSa2NcGLNNTGhsOPQzq_DX2jXz-bb5eZeyMfg5uY7HZ-SgrxOeZq8Bym05QHXke6PHyURZSOfUux-e4HrUV60U7V6CjTF0xevzYBqSF4GCKKaLPIXRabl3UVmqwixWhEI3ccmWlz1-vJihD9tV9dPbBe093_uE-e2oISPFXtWlVaRjtvSFi0OnTHAIO02J9-E_U6WMjpjC4IoCSD20EsG1TDsNCpx9BSrCZDqsOpQtTGrS_5gkU7ZM1wXk1vv91IvXDQ2E94W2og03rFtYcc0xZXhJ7ynSLBSbVEuCU6ZFs&sai=AMfl-YQJVDQYHnqRKWCNXox82QIu7cfczWolukm1ImbMY1GS7JCzPf0Kyx4var4Z7_0AAWU87rffQsa3CA9J1Q0yj7oUmPG65RtXSZqe5xwnjXhvkDQZ2756whG8JAZ1CQfG7SZd8QbeoO1N_Cv8xNjwkiIgo8_t3mL--B2TpftAxa2iCpLMZDicHOZSdH_n1FDC6KCBFteph0D05TzlHPLe07q1WVA_yy5hRrOobWFnGJ9IqfWyfqXr_al7Eafz-CJQsfxEgiZLH4vEWclDeMrW1WSSG3RBwyvp1c8rl1FJz0LMzJ1MkvrU-MOdyVgK5_xoB3buxIYX1HhhmD_akvZqnoQ1ADi9W4EKFEbykC1nW8VHKO_4zDKQVvWKrGsW6tEBxRR5bTaIsppI7Xy7kyxXKZ7Vz4TxoRUrxTSxHd2tCViKcHWOBVJWIBgbxS8Y-1OMxcU3UPImNFHHJAlTxs8rdVQwj7JFIvCDRJ-vG1YeNADvOgrKKpdTp6BhRQKy8AVrGYmOl07G1qhgfw&sig=Cg0ArKJSzNIy_vH1mkSyEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=721&cbvp=2&dett=2&cstd=0&cisv=r20240122.58225&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 29 Jan 2024 11:35:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 29 Jan 2024 11:35:36 GMT
click
clk.tradedoubler.com/ Frame 111A
0
0

truncated
/ Frame 6DC6
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://filter.realtime-bid.com/filter?q=best+deals&i=E3174QeztaE_0&ci=2496140640400491883&t=360059851&h=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4F8E
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=RJ-b99orMJg_0&ci=8757753377156695108&t=1869367739&h=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
add
datatechone.com/log/ Frame 4515
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5e7f8ec0-97fd-482d-bc27-09c220f198db
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://offmantiner.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://offmantiner.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
/
www.hp.com/fr-fr/shop/ Frame C312
Redirect Chain
  • https://clk.tradedoubler.com/click?p=245746&a=1910362&epi=v0304000162123eb7e03748654ea792da1ba32c2367ae
  • https://www.hp.com/fr-fr/shop/GenericLandingPage.aspx?tduid=090d51c0d5cbac44a1d96a1d8c684e13&url=https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com+%28FR%29
  • https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
321 KB
89 KB
Document
General
Full URL
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=et7p3%3Ac%2F3lb.ar2d7deu5l8r7c0m7cei2k2p1205443%26v%3Di9e0263%261p1%3Da0607040%3D6%3F1c3lb%2Feo3.4e6b4oae9adt1kac2%2F2s6tah&e=1&ai=53bd40e9e4b0a28530282455&sct=0&ct=1706528135960&cu=3eb7e03748654ea792da1ba32c2367ae&ykuid=ec6d290f705a4fc88df7661f0e600caf&sc=1&cs=dbd6539f40d1dc2217b52a7514985cd3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af026ac65b2d339a1d8c00f8c78810f23837b3909087ff62f9cf7d9b00cd93c3
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Referer
https://r.linksprf.com/v2/go?t=et7p3%3Ac%2F3lb.ar2d7deu5l8r7c0m7cei2k2p1205443%26v%3Di9e0263%261p1%3Da0607040%3D6%3F1c3lb%2Feo3.4e6b4oae9adt1kac2%2F2s6tah&e=1&ai=53bd40e9e4b0a28530282455&sct=0&ct=1706528135960&cu=3eb7e03748654ea792da1ba32c2367ae&ykuid=ec6d290f705a4fc88df7661f0e600caf&sc=1&cs=dbd6539f40d1dc2217b52a7514985cd3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-expose-headers
Request-Context
akamai-grn
0.96a02417.1706528136.69548170
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:36 GMT
expires
Mon, 29 Jan 2024 11:35:36 GMT
pragma
no-cache
request-context
appId=cid-v1:e845ceaa-3b44-4a98-8c75-021fad1b13e5
server
server-timing
ak_p; desc="1706528136858_388276374_1767145840_160_16011_31_0_255";dur=1
strict-transport-security
max-age=600
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mTOE,3
x-content-type-options
nosniff

Redirect headers

access-control-expose-headers
Request-Context
akamai-grn
0.96a02417.1706528136.695479d1
cache-control
private
content-length
226
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:36 GMT
location
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com (FR)
request-context
appId=cid-v1:e845ceaa-3b44-4a98-8c75-021fad1b13e5
server
server-timing
ak_p; desc="1706528136371_388276374_1767143889_37453_13882_31_65_255";dur=1
strict-transport-security
max-age=600
x-content-type-options
nosniff
3e63f9d2e662c99c19ea98b5031cb025.mp4
cdn.zblkqa.com/video/ Frame 490D
158 KB
0
Media
General
Full URL
https://cdn.zblkqa.com/video/3e63f9d2e662c99c19ea98b5031cb025.mp4?cb=1706528120
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.190.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
17AECE48ECB43EFB
age
15
Content-Range
bytes 0-2381089/2381090
alt-svc
h3=":443"; ma=86400
Content-Length
2381090
x-amz-id-2
3d1d941fbe792aeff1e829b094136390c69e62d96eb3bc552085f87039d206b4
x-xss-protection
1; mode=block
last-modified
Mon, 29 Jan 2024 11:35:19 GMT
server
cloudflare
etag
"c01ff897785ab8820e4b8b052494bca4"
vary
Origin, Accept-Encoding
content-type
binary/octet-stream
cache-control
max-age=28800
cf-ray
84d12bd92e2f66ce-AMS
expires
Mon, 29 Jan 2024 12:35:19 GMT
3e63f9d2e662c99c19ea98b5031cb025.mp4
cdn.zblkqa.com/video/ Frame 490D
14 KB
0
Media
General
Full URL
https://cdn.zblkqa.com/video/3e63f9d2e662c99c19ea98b5031cb025.mp4?cb=1706528120
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.190.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
17AECE48ECB43EFB
age
8
Content-Range
bytes 0-2381089/2381090
alt-svc
h3=":443"; ma=86400
Content-Length
2381090
x-amz-id-2
3d1d941fbe792aeff1e829b094136390c69e62d96eb3bc552085f87039d206b4
x-xss-protection
1; mode=block
last-modified
Mon, 29 Jan 2024 11:35:19 GMT
server
cloudflare
etag
"c01ff897785ab8820e4b8b052494bca4"
vary
Origin, Accept-Encoding
content-type
binary/octet-stream
cache-control
max-age=28800
cf-ray
84d12c03bb4db89a-AMS
expires
Mon, 29 Jan 2024 12:35:19 GMT
truncated
/ Frame A6CD
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=*pZQb1gtZJ8_0&ci=1480978845797766241&t=1294136297&h=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DCA
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiNGfho23ZYO4I-GwtOUPuqWB2A0AAAAAOAHgBAI&bg=!HxylHFPNAAa8BdJLnAU7ADQBe5WfOMNz-ePv7cznmMf3PQY4pUm7RbGICx2ozE68goyoG3mq8zESSeGibm06VHpg391jAgAAAMhSAAAAAmgBB5kDB6c_YX9jNWKwfd97dVyAUbEMuFZcl_roF6EmFQZgf50wWh2ZtvSVlJxfN0mOQKOgBb3IMPIOxth_tQhb2Rq5tZvmaRMcTEeRgdgxs2FzXYjFdRDHdWi-Utave6Gz65VWZI-WWHGPrLP6NCSWMxM4py1nhda9Ggjatwc8duQ7dFUTnvfU2RvJRsNMo-l2BUBQqgabMYo3D4bj98nClrtQvlbctAwKsgsDDHwoNZwr2KDTnIZBfALXDD6lqEvw9V_FeOxeqNnZZI05b2MDx2lZF1-9x5mZjHta5cpiYarBhdpg0jIiZMjB5-fsxOOUmOylzElrJcWn1FP1wgfjs6eqp_1i9hZ6E8Tv9fXCA4_hHYmDxUMIANDTfJV-hF50jJpeiPwCgbjv11tr1vANpy2M3c6G-ti6YO4jXyS9cHsW0x63bWzauvoEYXKMgCT8RlooBq3ID5_lxL4qIrFFMj19qJjZS7vAHxTUDpdFheRn9n2-uTGRyeCsnd-yz_eqjFYapJMAEHAyQ55LLv4DLnwrV6T7FEeTeFt22YhxiZGbp0gPqZKPXyI9tTWE1gWjwLJ5IBPTFFwv89zsU_t02iGUze9ig2NnK_kRzG7ioLNHPtR1TbvZiybt6IUJ7oYqlzW9DqHRZBT8vgbY4tX9shQ0ncza68Wo4dCrFHxtB4QaiIwbAYm52c8kIf8sKw1qYW2wY-Kt8yhf27SeXHSq5_nCnxNvbonBxD1al7LoBuq-5_JD2N0X8vQmN8ZviwpI6FsdYtcs7e3kEqR-gt0Rw_fllUMRoyy0f5jVk4NVEWSW4vA83zczE02Eq3e89biIIA8AVfxTAn60zflbEswNvehISoWWenGnW0uc9K-th2aT2mTwscMynrQg8DOzL3TczPsSTFsqwVd0uSZDJyDDtibHc_sALYf4p8yumNqAT9GnS02oRTdtbkCTK2IzZywR9pa53ryxQTglmlfohsdizUeTykDn4602TyI0k1V9JP5fOplGu9AyEm8Abkb1HdxyPee5PN6ULwaxMUY
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB5D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIw5Mho23ZYK4I-GwtOUPuqWB2A0AAAAAOAHgBAI&bg=!pKelp-jNAAa8BdJLnAU7ADQBe5WfOC7IQtctxp_abscZ14ODOys0bxIKWsxa9cew1OGaOLjtJiWSBD6zTwXwJjSHi9nCAgAAAPNSAAAAAWgBB5kDFBOpa0phSmA_Qoh6svgUJ3P9S0mEa2lKedb5Vd7-8OCvEjDj67hDmhRbCcBaM4D_yuy36ETfOUBrfmlvMRn-nBlV6-bf8r7stSi0afN4WvbyLsE340T4qZEt27E1vVnACq3m75Ewvro4Mqes8RBZKo63u4rOv4jVJ0A_7E6MGGAnLcuS4OmKEuA01wOixRjwignoISKzhCfjV1HBeL2VGNOSWx_w9EpdZEWJq5OcuIY3J4JlFBe6xb9vKW6y2SORvfWWqKRtjxcIKJonAd6Brk9NiTP8uuNLlNU46MNoZuH9kigtN5jGWIMyTotyGUonyGF0FfggPnpPD4V5iO-dr-8aOpSgqJlIklHzLSufwiBk9radtJfsgrYWsrJ2urOKJ2yNDXXww2wVkd5XhAT9PRnNV-DdVtMTLaL5vSJVt1yjwbeGPL6lJgRZ9619zbqE0woe4bsdYSSLlHal-Am1lJQc5r66ni4wiMK7J6vi-LVEXnlvewcfujHz_wzy27fhoOyj1KyG5uFztOSjW1NU34d22YcKcpbvDDDYdZnjb1bvpYrBUX-pgdIVPZoKkTB1ThBEnDzBNrs7mtyTZKQcRL9A0wL9-86WNVb_mPf-A80qUZYhqf-WdRMbzbbAgOfx52c-S8IUd3Q8c1GeoaoRKjE7NN8COs_B5jeMr2jkbSVRnrGyxPbEG1iDNcuIHZnGyNOk3bvkLy4OYAsWuU8a0fJR_2-HCPvI_C8TEqqkyeuNYdpxSvIlYMRUK9KXiGZM0uEJe6ESbKuSXi1P9Y5wj_3hvRH-noIRiHYdZYzvY97cagPrrKrv3KXNGpLjt0xJJg5IBfi98MkDzVZb8b5gTAZiin1b2bFh36KfQjVqBPAJ5egNMQjBGYXjp-hyeS_cP-HuFvTJudL8iykrl_8sYI-KhdAlSCgWJceR6ZdBu60cvhse1Ky3l7wF0RHVoErLc5C6sGynRYZgAcMxVyXZB5FmF8y0eMrYj_kSkWNRpsCYMZ2hn5FJDf402CIDsgi_yvlh2C9wyt6M3msw0q2HIp4gdF2n
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE90
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBNB9ho23ZYS4I-GwtOUPuqWB2A0AAAAAOAHgBAI&bg=!v7ylvPPNAAa8BdJLnAU7ADQBe5WfOCxnU9OcvkE1z20Z0fYLWVqds5fGHL9yFMhmxheXRNvIFCYharEgsQrqUQYn0YXEAgAAAOhSAAAAAWgBBwoAI9rBqMBwHlJbDVVXc0hcfIRyLC8qNoKoFvMdBi0PvFGNvkEMmQL_C63gZPe9GvYtShQvOegY2hXN_a4W4OKckcb2fYGNavZOyYcWXPnWoos9VivbCxNRSSvZnS4X11xPr7JIMsBk4cP2osH2S7ePXJgvBVORp18iMleigOTn0E7OB3o9XoEMlHNMg-i-TfL4C7TZJq-Z9rLzI72xT7u0GsBgNBltEgqbany9DKSc73BMJaLEjqKe4xcYCL4slCRjuwXlGaLRubNwSuevPwtpxlVRFhe0EO9E3g_lF1s4DJBsugyu8_A883HIMYJlmAQuJ0XsRc_bHkoo8AIoFwo_Hajrb5h8PYD2ITnw6tduOWCyK369pGxfjnIutbrwelQf0MA-0dDYelyeqyb4MrbKPMlGIjJ5tHqYSUkmenN1MICpNcXNdhhh8-CSKm9usd14Sbpf1lGET-gfxUxMF_CAyG6bHeM0UNI4AlYzPPH1cozkMQqQ76SKA6g3hv8ORcQJ0t8LD9J0JhumEuqkKd0mVGqkLCJGsR9veGyIA27TctLQB7tzU278uC20HN9A2krrB-VzKhB7E1bVxzRqHBoEu9RjRmJH-cyAWyVPFp7VK6-MZjA-8jUGZvcAdp7jQAupmcFbACvRDHoOCFVKCNbcSEFlMwwYokdRvuqGFDzKWQRxzb86fnsMkzbBcj4qGP3YEUZ5j1Ca-ByKXuURl7f-ds7uw-43D_IF7CVe8dVvKIwwVETyMuUQagXnXTJ2YP7lFFm1tZ9PjleCxvm-hpB-_P3vLX9FBCOJPLGPHhSWwpORfYTXNRDUqXF9lY6yuW_rIacrBNtu8E6xDeJSuhzNAD5Wylnl2MOMgvJdL8TttnNMuUN3NRw86rYURuTtfam7g14gGsfzLh7qRJh6Go7VXuoUVjcakxDR6YLzWcHkrE0GhXF238PKVCwk_c8XLk__pc1BTlYBgvKPRo_GLR8F6MgUNoHuprLJTRAuolUb4SezhmyMYbERgxTHv5KrLHsBnPzF5pavkC7C9Phq0iyj5pSNFxj6RNtzaA7n3rjrxzxge1-V_C8
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dlp
pkuwp.sandothesooile.info/ Frame D47E
520 KB
337 KB
XHR
General
Full URL
https://pkuwp.sandothesooile.info/dlp?st=1&lp=adult_light_b_full&geo=FR
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.225.185.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-185-110.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ba6b1a5bd1d87cdf970da0f31a5da84c3945a24894779f9b927ed4e9af6d6ea9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"81fb3-HkyT3CuDMy168nNZ5J9UI/LAC/Q"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
3e63f9d2e662c99c19ea98b5031cb025.mp4
cdn.zblkqa.com/video/ Frame 490D
53 KB
54 KB
Media
General
Full URL
https://cdn.zblkqa.com/video/3e63f9d2e662c99c19ea98b5031cb025.mp4?cb=1706528120
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.190.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9c91107c3bc07bd3d3b7479fe5fe7af1e8d3e2a48ba6ca80af70b51bb6a625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=2326528-

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
17AECE48ECB43EFB
age
15
Content-Range
bytes 2326528-2381089/2381090
alt-svc
h3=":443"; ma=86400
Content-Length
54562
x-amz-id-2
3d1d941fbe792aeff1e829b094136390c69e62d96eb3bc552085f87039d206b4
x-xss-protection
1; mode=block
last-modified
Mon, 29 Jan 2024 11:35:19 GMT
server
cloudflare
etag
"c01ff897785ab8820e4b8b052494bca4"
vary
Origin, Accept-Encoding
content-type
binary/octet-stream
cache-control
max-age=28800
cf-ray
84d12bd92e2f66ce-AMS
expires
Mon, 29 Jan 2024 12:35:19 GMT
dlp
xdufs.sandothesooile.info/ Frame 272A
520 KB
337 KB
XHR
General
Full URL
https://xdufs.sandothesooile.info/dlp?st=1&lp=adult_light_b_full&geo=FR
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.224.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-224-242.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ba6b1a5bd1d87cdf970da0f31a5da84c3945a24894779f9b927ed4e9af6d6ea9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"81fb3-HkyT3CuDMy168nNZ5J9UI/LAC/Q"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
main.css
cdn-dimi.akamaized.net/landings/278388/1705586804/css/ Frame D018
11 KB
3 KB
Stylesheet
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/css/main.css?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8af11605f0fea437a3440848f4f9ac9f2f0fb40b7c57bb92539ccabc42c4ae53

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:50 GMT
Server
AmazonS3
x-amz-request-id
7GG8KH1X3D43S638
ETag
"77b6a67615029fa0080fbf5206c9aad1"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2156
x-amz-id-2
lxpJZsDJi567Ut372+HSMMRSaCEhV3//JTvvxtmboPtkVTXpHmMgPxUK9YZaPfpR+QaLeERjozM=
reviews.css
cdn-dimi.akamaized.net/landings/278388/1705586804/css/ Frame D018
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/css/reviews.css?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8aac137f84190a091926f566927e9b585c90dea37cb95ccd7cb2f68fda0c01f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:50 GMT
Server
AmazonS3
x-amz-request-id
7GGDNN84PJPAPQK0
ETag
"f0907f04507b9245094f5eecc3257540"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1081
x-amz-id-2
yINscZ9Q0UmYFsCjpmhr4qzN0KE8/3qIfhRiKCV1rqhpMAIHAka13iCREF7MLk5OP9tlxh+Aojc=
jquery-2.2.4.min.js
cdn-dimi.akamaized.net/landings/278388/1705586804/js/ Frame D018
147 KB
36 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/js/jquery-2.2.4.min.js?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c4bda55f972572bac18547b4ecda13c6d5788e25fdb1ddae0e3ee1c56e915774

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:51 GMT
Server
AmazonS3
x-amz-request-id
3YW5H7BG10NDT8NC
ETag
"61a04f254179208c931ebf40f4cfddf5"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
36023
x-amz-id-2
FeVEwoo5F7rsU21C/LhsZAUytnrL3z91japUwkvORPNa0nAZZGilsvWPw17toUcc+TMbevvgeCc=
trls.js
cdn-dimi.akamaized.net/landings/278388/1705586804/js/ Frame D018
14 KB
6 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/js/trls.js?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f3d594fadef6b29309c32468e782c4781880614d705a476f29f4de45e77d637d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:51 GMT
Server
AmazonS3
x-amz-request-id
3YWF3JV0FTE00MC2
ETag
"a5d883f67a2ad9202b8c38f39348b3bd"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
5129
x-amz-id-2
kTJaRMP7+9UfiG6RDf659UT/LQxk4IMFA4lPfQFcXNLVWtfZOQLs4qY+5va0hFOlcaNKDUQMTV4=
script.js
cdn-dimi.akamaized.net/landings/278388/1705586804/js/ Frame D018
2 KB
1 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/js/script.js?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ce9ff15629c33ff6ab236dcafed23a486deea443bcd9321d7c04a57e4b153592

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:51 GMT
Server
AmazonS3
x-amz-request-id
3YW786R2ZBB1RNQP
ETag
"3a923da128f4874fa16702e4777d93bb"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
726
x-amz-id-2
gKslTXcGrYCusQhqtDX2L5zAGRv5nTSloVrVnmxoiBu8cuXfLVhxYd06+nxPpC3324COosaDfmI=
transl-sb.js
cdn-dimi.akamaized.net/landings/278388/1705586804/js/ Frame D018
7 KB
2 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/js/transl-sb.js?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
546595e728064976b542f401ad4e34a504d4abd044bb48d21990f6bae781eda2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:51 GMT
Server
AmazonS3
x-amz-request-id
3YW2WJN0HB9R9DG4
ETag
"30abcbce2f88ff931d9749f06d57a4ee"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1989
x-amz-id-2
C9MmSXUAu1ZjyPfNVhQL/fa8D/zp1XFjuOj7oF9dYrKY/GH19JgK2SbSAy2Wx5Xm1cVPfTpTy+c=
translates-review.js
cdn-dimi.akamaized.net/landings/278388/1705586804/js/ Frame D018
50 KB
17 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/js/translates-review.js?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7b622631318fe5d20460a1c1a10437829eca4e41844d79631e9fb03108537e9b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:51 GMT
Server
AmazonS3
x-amz-request-id
G76TVPHD5TPT2FC2
ETag
"09cf03d0a77b07d6c8969b853e74ee80"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
16602
x-amz-id-2
4gG/q0FCnnhQUp69GeK97iJRAyZSRgHogi/KTRaMXFXgKz/Yty3WtvAgzEYrNcy7U2kDPgEMP38=
title_tanslate.js
cdn-dimi.akamaized.net/landings/278388/1705586804/js/ Frame D018
3 KB
2 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/js/title_tanslate.js?1705586804
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7f40bc2c95ee280de5320ae7d33f2e57eeeb0cda5b5820f2c456a0c9ba50ed77

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 14:06:51 GMT
Server
AmazonS3
x-amz-request-id
G76T140YAZ5DCYN5
ETag
"5f373fa5bf21c44b9ad23b70ef96e73d"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1298
x-amz-id-2
EZZkymhNxyxwXYAI5ufM0shk5RV1u8c8d2WHg5ca6NPBJe7cZO+dVGbF2xdT4eQTzv5BnixD65w=
110010_5.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
37 KB
37 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/110010_5.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bdff9b4135d8f61acb5736216e3aee9e0aa887630db89846f4ee1bbce8369f92

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:50 GMT
Server
AmazonS3
x-amz-request-id
S0C7Z881P5NWWJ6D
ETag
"0c82e43657f664a0f125d03deb97dfe2"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
37849
x-amz-id-2
wwBU4QMLRmXhIX/BadX+2B/XdwYKRIFRfRK4GtmtP/fbkBkI1fYgjUUiMpUaqz3SZGmvTSlLJ6E=
logo.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
154 KB
154 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/logo.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3a6153f6f1be6d37e9fecace5f213d6886863553c296d7ddb306c529a24aab75

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:47 GMT
Server
AmazonS3
x-amz-request-id
G2NE0Q74M5J93RGE
ETag
"8e49c2593c163b1f04d9f64cc74e94d7"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
157213
x-amz-id-2
T+YLRN0AFz2QdBfK6/opFjiVBgvzz6V3/OJP0IEYSzectLaE9UvUECU1aJNBVka0SL67xjctCAM=
placeholder.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
1002 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/placeholder.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c8e5eb70d0632dfec019600955aebe16aadebeeb27c979df218da1515aae84e7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:50 GMT
Server
AmazonS3
x-amz-request-id
G2N6K8WXF4CHRFYB
ETag
"a5b25c973dfcfc30791164f2c86dbedc"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1002
x-amz-id-2
iAsRJPaT8EF/ZUyez5YoSnCjWfwxbme0TLod6ZQQ3h404kubeGBqrOWnq3b3uJHul2OV1dCJ8so=
btn-heart.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
587 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/btn-heart.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
17296011d2e1ff2784737023789e0e3821d9b09e5dd0a6da7164a020fe4e113f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
DNFZ31GJBJXARR9J
ETag
"4dc1dab0d355698b514fe3e9aaea25f4"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
587
x-amz-id-2
h5hsXOn3VyzNNQPlP7Uy7j2NwkNSxC7p9xidbULa6vuRFAT4ZzujPOWhSLMvx+xtAzshBNRmPWo=
btn-chat.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/btn-chat.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
481b59df658798976cac8d5f526fbe43d06f736503d315b31629cf14bac2d06d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
01J87DB20W0W9PDP
ETag
"d55b7ab606e83111a584f25eb07ab057"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1273
x-amz-id-2
jnl5wr/AcTYtrIukuPq6FgWtvevcfpUuH9at/QlWKRp7vghAbBKmrdH5aRO43EsJ0TTvLP3jgLA=
btn-list.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
704 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/btn-list.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f5b44cde893577dd2bf10bdaf7b3d654627f9a43255e6fb6c495800d99544944

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
DNFTN9NKMA8QSYH0
ETag
"6394c772e8d72cd3977fe590fba2c91b"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
704
x-amz-id-2
XbGNr/gay/4XgL9kI1P/+ZrTKfDWRgh7No7du95GEKhpHpDjhhVGjHMYwfoFbwLjVf56R/Cz0CE=
btn-size.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
458 B
948 B
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/btn-size.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
97ddaaa91b21a9a9980d2eedf7c971dc2ee66757675c77b07cc039d62975cbee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
DDXCZP265AEJD6J6
ETag
"2438729cd5671d240aae3f64be9d6bb9"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
458
x-amz-id-2
M03g5nwgXCHNnZhpOeSIsf2v/p76x+shQ+IE8ec7XDn+ACEEwQX6cagdvUHBt9mbjL5C0VZfsjY=
btn-share.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
928 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/btn-share.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fd77650d557f3dd251d834cfc1f1c1e0033489c146cbb868e1c480cbbbe20155

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
FWJGBF58EA9C469E
ETag
"ee664930a37af494c489e13e9d0aa3ec"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
928
x-amz-id-2
eX1oWi3NxwFeFhW0zzn5FzsI3AlIhVgBxi4VGsvCVyzqV6WbQKGx64gAtPEpYY1wQus2scnG6D4=
pin.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
632 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/pin.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
771378fffb5cdd3dc6fa23db24c53bf29e1271249b2997ff23ba108f9ff73fa9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
S0C0ATK9K1K89VPF
ETag
"062a0fdc2d680587590bbf1edd67ac3f"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
632
x-amz-id-2
PSYSmhCKyqkrCl9/3M+bPERixnNqKCoSD5iuRnGVup6IJPtb5SKa3yBD8W/XOhEDi30/VRK2iAE=
heart-1.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
579 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/heart-1.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a7753159ffd7b71361c9a3e97c1ab2f484481689834ee1d502e7bc844dd7008

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
G2NBD23GV2E6145N
ETag
"f571fb084154554572783a42cba670cc"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
579
x-amz-id-2
ys0cCqjheDJbjj5kmER/RO2tRISCTQjdFu8SA6p3OmtaGFpDjjA+KFiCq7O4PhDddTTSIZWaV38=
heart-2.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
576 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/heart-2.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5cad6ef2e9bd6a17e8baabc3e42a2654476e4acff6122fc4443bacab531e4edb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
S0CDYHZG2R7SN1NF
ETag
"7081d812b5b88f2a25fdf0f947c9c7ff"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
576
x-amz-id-2
jM77voamOKMLJypRcakfD0vkgVE/UDHTRD64qb2jJ19ak+5XR3dv6sGFwkaQjhvGLqBU64cvxY8=
heart-3.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
580 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/heart-3.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c2741d56df1615df46cb420a2c8f53c961e6665fbdd3d36d72c88f648d202697

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:46 GMT
Server
AmazonS3
x-amz-request-id
RMFCDA0V6GQE16QR
ETag
"70df79ae86ad0e950c0da1bab9d6a48f"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
580
x-amz-id-2
1dmEJwFLbJbQSvAzG8B4207jYgm7+O0cJ4w1USnHntwKr7HS7uHRMqMhmPzWSkeJnug/TXdtJnY=
unlock.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
2 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/unlock.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:50 GMT
Server
AmazonS3
x-amz-request-id
RMF8JFBJ30R7CZZT
ETag
"a732e1e06affb4575c050fdb0131e5ca"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2378
x-amz-id-2
e3h/8jC95fxROJwBOa8Dj35sMwSugy73KXiitqMjdHkY9sOt6nNzd7ik+MWv/5QF+bygWRNEouU=
shield.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/shield.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:50 GMT
Server
AmazonS3
x-amz-request-id
01J5ZRAQBNZRCK9K
ETag
"0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1539
x-amz-id-2
nvuFH+uZ52+TUyGMtDjtWVYzB4hQxsD5H6Xhyg1AyBGhT6+364zEgzog4gCMRLVFgqBuUxn+vrw=
password.svg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/password.svg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:49 GMT
Server
AmazonS3
x-amz-request-id
E2HXKN2YCT2QWPGF
ETag
"f42aef7f97d4c9bdb074673081f38ac7"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1339
x-amz-id-2
M+xhcWTQD2F0dnkfLvxPP60p3FzExdz99jQVTwoKNueHQ+5v+++stRZ9bmRF6mjLzXzgn8u00bI=
1-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
4 KB
5 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/1-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:48 GMT
Server
AmazonS3
x-amz-request-id
2TBACVN8GV9XCFNE
ETag
"6e6d0b84c81d847e24671a711115a781"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
4292
x-amz-id-2
JpYMr7aWXU9X1zSdYYMWX7LN9HYZeVBwzrM9qOoJPT/YSwGGiJzl7vE0uMk/Pbr5K9NxpXBqkXU=
3-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
4 KB
4 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/3-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:48 GMT
Server
AmazonS3
x-amz-request-id
DNFZE0GEVPKDT6XK
ETag
"1dc512dcb0850f22cfa72c789578085c"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
3946
x-amz-id-2
WWPQJav8n+84D/9CFAgRByTH457NdOI06qYpSr6nHUCJkl0+XxiK8qSiLnNaKSU65JzJCtmaHZk=
2-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/2-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:48 GMT
Server
AmazonS3
x-amz-request-id
01J95FPMCRGWPC51
ETag
"66b6dc51bd19c799dcadf1dbeb628d9c"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2009
x-amz-id-2
8j0IxaXQ28mnNYM9c4vvZmJCHDK9aaJuxppaHJbWVym34mKxeQ3wN5j+w4H7hnW9vGviL5Fxkw4=
4-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
3 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/4-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:49 GMT
Server
AmazonS3
x-amz-request-id
RMF3F6TH54EBEQHV
ETag
"cb3aff7c886e4f72a98172b873b5e62d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2586
x-amz-id-2
Ao6NAFtcgSIocf5ZZoYvmDM/Tf+oMwNPykFBREQzkU10yUrcG6z873db6b4qqlpItb7Q2ZX9uAw=
5-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
3 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/5-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:49 GMT
Server
AmazonS3
x-amz-request-id
QZCGR10M1H8N8BQ3
ETag
"27109a247208262e6293950ca8f5450d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2879
x-amz-id-2
5ltgZeolVaL8P7jpoamZpaRBeVgrZQD6mU7cyqKG4QLbHyxzdzgFlAf83lZ0GyLJYk/vjLdVH3c=
6-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
3 KB
4 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/6-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:49 GMT
Server
AmazonS3
x-amz-request-id
QZCGMYR9CDN46ZAH
ETag
"9a6870069cb979e16b239f9ed485fb3c"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
3256
x-amz-id-2
RB2Aguovp7vSs/1PshcuyEPAleEvMkSsw6krbbGJzxv5Tr//qP7uwD4rrd90IKlWY+1ioGKwqAE=
7-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
2 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/7-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:49 GMT
Server
AmazonS3
x-amz-request-id
RMF4BB6ECMVGTAPJ
ETag
"8155d8ecc7dc2d9b29cf99ab85c3d2a8"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2282
x-amz-id-2
2hu1eZJBrsaNaMxNZ4L4uI48lY9YuugdzDbOi3/5QaCzOxG3DLMfPTfnsScejttq8qIA7XUK6bs=
8-eu.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
2 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/8-eu.jpg
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:49 GMT
Server
AmazonS3
x-amz-request-id
QZCPG0H09Z3T4JN0
ETag
"41bbda91cef3f22db1d45d66f7ca0961"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2458
x-amz-id-2
hnkox6p7WVR4WEjy9bLKq+cX9B+NpjjCgVmWDUwE6qOpoBd2Jnx0Te7BqMJ6JqGHwszM36W8Hd0=
blocked-icon.png
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
303 B
789 B
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/blocked-icon.png
Requested by
Host: nrebxx.romancedale.com
URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c8eef62a31b18850097e892dc99ce4af5a795f451f424148f8463bd6b0162521

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nrebxx.romancedale.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:48 GMT
Server
AmazonS3
x-amz-request-id
QZCW5YZ1CV0AEH7Z
ETag
"dd7797e823529164e0f6fc39efd2376a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
303
x-amz-id-2
01XigbKnZNZM+cBIGvAovkbMY5iGnNG81DH0bQn6afcnM+59/ktzuWxzaMxUfXPK2Kdcb4bq11E=
merchant
sc.tradetracker.net/tracker/ Frame 3B7D
Redirect Chain
  • https://tc.tradetracker.net/?c=27843&m=12&a=191269&u=https%3A%2F%2Factivities.transavia.com%2Fes-es%2F%3Fpartner_id%3DS6FO0GK%26cmp%3Dtopnavigation&r=v03040001614099dafe42ef45428a82db7dbc09205811&u...
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528136&url=http%3A%2F%2Fwww.transavia...
0
0

3e63f9d2e662c99c19ea98b5031cb025.mp4
cdn.zblkqa.com/video/ Frame 490D
2 MB
0
Media
General
Full URL
https://cdn.zblkqa.com/video/3e63f9d2e662c99c19ea98b5031cb025.mp4?cb=1706528120
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.190.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=32768-

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
17AECE48ECB43EFB
age
15
Content-Range
bytes 32768-2381089/2381090
alt-svc
h3=":443"; ma=86400
Content-Length
2348322
x-amz-id-2
3d1d941fbe792aeff1e829b094136390c69e62d96eb3bc552085f87039d206b4
x-xss-protection
1; mode=block
last-modified
Mon, 29 Jan 2024 11:35:19 GMT
server
cloudflare
etag
"c01ff897785ab8820e4b8b052494bca4"
vary
Origin, Accept-Encoding
content-type
binary/octet-stream
cache-control
max-age=28800
cf-ray
84d12bd92e2f66ce-AMS
expires
Mon, 29 Jan 2024 12:35:19 GMT
css2
fonts.googleapis.com/ Frame D018
7 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/278388/1705586804/css/main.css?1705586804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
988bbd699c543f1fcb84032a54d5011bd328964298b1b4568d477b76f7358bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cdn-dimi.akamaized.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 11:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 10:20:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 11:35:36 GMT
vregister.php
s.magsrv.com/ Frame 490D
0
811 B
Image
General
Full URL
https://s.magsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=5075902&0f7705819505c023f4f0140210529c44=tsVuZ8uHLpt4cdvLzq4dvXPr659ddlTlK8E.fnlu5cuW7lx5buPfW1NZLXThmEd91wNxsSvWMPOZ9PGuqCtxd.aquViRzPCZ.CeamXc1NJrgbYbtcprgqcpz68ePXx01wNz2MxwVPuU5.OXPh15a4G6oK3M.PDh18ePGuBvGaVzPrw79fPDlrgbaYrcempwz68PGuBtpiSdiB6XPty89OvDlrgbtYpgYrgmlz88OPbh44.NcDc1WfThrgbZpmuqcpz5a4G23LYGnM.GuBtpimmBynPhrgbgqnz68OWuqxnPt07dufDt55a7WI7HM.G7hy58tc9jMcFT7lK9LFbmfjhrnsZjgqfcpXasppclawzRPA1tMSTsQPSrtWU0uStYZonga3L2n2JXnF65l57GY4Kn3Kc.Oty9p9iV5xeuZeVyu6amLPjrYbXrwncz58dbs1MjFeeuBuVyu6amLPjramslrpwXmpgeglYjzCO.636651713ZqbmKW3G13Zqc9cDc9MzdjVa7TFbj01OGfHtrnpgagleXkmbcjz8a36656s.OupqlxyVelyqaOyuCaXPXZU5SvA3nw12UxrvsVP5t9OLfhpvz4d4cGeXDo558cOHnz4cad8dOXdzXBJPS5VVBNKvVWxXZVnw1wST0uVVQTSrwS2sRwNr0uMVTS58tdLjrlLlK9UFbi781VcrEjmethtmOZqLPhrgbmddcpz4a4G42JW4JXl52HnM.Gty9xqyuCaVeuCRzPhu4cdcDbbFbDTktblOfLXA20xTTA5SvVNZS05nw1yzVNUwT158NcErUz0sFcy8kzbmfDXW5VWvJM25nw10uPQTSrvOTSsSOLwN58.HHl479Nc9M1.C9VbFdlWe3jrgbnYprlcpz4a2oK8F3nJpWJHF4G8.Xnx468O.uVythqyCvBeema_BevCdzN.aquCV7XK5Ww1ZBXgvPTNfgu25U1TBPXBNLnrYbZjmaiXtcpz1wST0uVVQTSrsRxrwS2sRwNr0uMVTS1Z8tdVjPLPhrqsZ558NdTVME9a9eE7meupqmCeteViRzPXU1TBPWva5TnrZpmuqcpXtcpz4a7ac.GuCWtymViPPhrlmXdslbqz4a4G6XKp5paoLXF42MJrK8.GuBuSyOuDGaVzPhrsqcpXaYnnglez5a7KnKV2mJ54JXl3aXKLHJWsM.PTpw1uSMQRrwVT58NdTVME9a7blbEEefbXU1TBPWva5TVBNLnx1s2Ux564G2G7XKa4KnKV2G168J3M.XHXA3PTNfhn11wNyuV3TUxL14TuZ8tcDbTEk7ED0q9eE7mfDXTWyvBLa5LXNTgvA3nrprZXgltclrmpwXlYkcz122WQN58e_Dt15eOPPry78ufnjx69u3Vnv4b8d3OrHDrrrgkcqrYknz49.Hbry8cefXW1NNFA41NLU5LXnxg--
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
abc.gif
go.mnaspm.com/ Frame 490D
103 B
103 B
Image
General
Full URL
https://go.mnaspm.com/abc.gif?action=sbSignupWithModel&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&iterationId=812424&landing=landingVAST&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOrprrolrunc5zpXSuldK6V0rpXSuldNZLXVPbNRU6iem3ee6qzSzSninaqq67TOquXifefPTNwfYA-&onlineModels=MysteryGirl7&p1=6294502&ruleId=339&segment=hls-MysteryGirl7-1&smartpopId=3564&sourceId=5075902&stripcashR=1&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
content-type
image/gif
cf-ray
84d12c3568f77020-CDG
alt-svc
h3=":443"; ma=86400
content-length
103
report
vast.yomeno.xyz/ Frame 490D
0
324 B
Image
General
Full URL
https://vast.yomeno.xyz/report?katds_ep=AENrGrllaJE4F0oKMa8PP80vl7nqqesRwMXY7s_L02HHdlDmszqUEITmoP7VJzpvPNiPd1APkfhPOdXDlJaWHzB0HFAChIolT25DqjYqSS5yoIj9dgj3BjqgSA6ckXi1o4lw9c07a3uCroMknLG8OzYlJ95i5fqhXc5MFOVtlp157G9_mLPm-N-Oj2AFYoQ0gEn_n0MYA-UKFSIEAn2C8P2d4T9BXOlfXbkenqohjm_cD9WNs87trq8TsugAdJDrH-Z0xVA9JLozKpo
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:36 GMT
server
nginx/1.20.1
vary
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
event
vast.yomeno.xyz/ Frame 490D
0
268 B
Image
General
Full URL
https://vast.yomeno.xyz/event?katds_ep=s22W7x6YMyomicE_x-F2b5T7zFv4oop9L4Pk8t-SG3NRVuWhsvmxyViVXQr4nGmnZjSEUhIvTNHpYQNB9NoVYyMwPLpMyqRBkLBx6xHNZ8xoZdDUAlcNn-fZFD0ytunwN-Dbtri1vRYj3gMn1XWc9Ebs7P-GfabTED5CP6blStb4BM5GWF4AmfOf4RnK3VcVF15QzI30JN-BDxwBue7txFHaQiSv1HHUGaxiXECQGMj0kIwS-dXoHxtYoS-0
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
content-length
0
vregister.php
s.magsrv.com/ Frame 490D
0
811 B
Image
General
Full URL
https://s.magsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=5075902&0f7705819505c023f4f0140210529c44=tsVuZ8uHLpt4cdvLzq4dvXPr659ddlTlK8E.fnlu5cuW7lx5buPfW1NZLXThmEd91wNxsSvWMPOZ9PGuqCtxd.aquViRzPCZ.CeamXc1NJrgbYbtcprgqcpz68ePXx01wNz2MxwVPuU5.OXPh15a4G6oK3M.PDh18ePGuBvGaVzPrw79fPDlrgbaYrcempwz68PGuBtpiSdiB6XPty89OvDlrgbtYpgYrgmlz88OPbh44.NcDc1WfThrgbZpmuqcpz5a4G23LYGnM.GuBtpimmBynPhrgbgqnz68OWuqxnPz588OnTlw467WI7HM.G7jy1z2MxwVPuUr0sVuZ.OGuexmOCp9yldqymlyVrDNE8DW0xJOxA9Ku1ZTS5K1hmieBrcvafYlecXrmXnsZjgqfcpz463L2n2JXnF65l5XK7pqYs.OthtevCdzPnx1uzUyMV564G5XK7pqYs.OtqayWunBeamB6CViPMI77rfrrnXvXdmpuYpbcbXdmpz1wNz0zN2NVrtMVuPTU4Z8e2uemBqCV5eSZtyPPxrfrrnqz466mqXHJV6XKpo7K4Jpc9dlTlK8DefDXZTGu.xU_m304t.Gm_Ph3hwZ5cOjnnxw4efPhxp3x05d3NcEk9LlVUE0q9VbFdlWfDXBJPS5VVBNKvBLaxHA2vS4xVNLny10uOuUuUr1QVuLvzVVysSOZ62G2Y5mos.GuBuZ11ynPhrgbjYlbgleXnYecz4a3L3GrK4JpV64JHM.G7hx1wNtsVsNOS1uU58tcDbTFNMDlK9U1lLTmfDXLNU1TBPXnw1wStTPSwVzLyTNuZ8NdblVa8kzbmfDXS49BNKu85NKxI4vA3nz4ceXjv01z0zX4L1VsV2VZ7eOuBudimuVynPhragrwXecmlYkcXgbz5efHjrw765XK2GrIK8F56Zr8F68J3M35qq4JXtcrlbDVkFeC89M1.C7blTVME9cE0uethtmOZqJe1ynPXBJPS5VVBNKuxHGvBLaxHA2vS4xVNLVny11WM8s.Guqxnnnw11NUwT1r14TuZ66mqYJ615WJHM9dTVME9a9rlOetmma6pyle1ynPhrtpz4a4Ja3KZWI8.GuWZd2yVurPhrgbpcqnmlqgtcXjYwmsrz4a4G5LI64MZpXM.GuypyldpieeCV7PlrsqcpXaYnngleXdpcosclawz49OnDW5IxBGvBVPnw11NUwT1rtuVsQR59tdTVME9a9rlNUE0ufHWzZTHnrgbYbtcprgqcpXYbXrwncz5cdcDc9M1.GfXXA3K5XdNTEvXhO5ny1wNtMSTsQPSr14TuZ8NdNbK8Etrktc1OC8DeeumtleCW1yWuanBeViRzPXbZZA3nx78O3Xl448.vLhx49.3Llw7dWe_hvx3c7c.3HXXBI5VWxJPnx78O3Xl448.utqaaKBxqaWpyWvPjA
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
abc.gif
go.mnaspm.com/ Frame 490D
103 B
103 B
Image
General
Full URL
https://go.mnaspm.com/abc.gif?action=sbSignupWithModel&campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=62bd2742e281e5c9ca290ad4d5fbfcb86660d6fc9093a631027c5c6b4a95b41b&iterationId=812424&landing=landingVAST&masterSmartpopId=2683&memberId=opc7gmbqpbKrpZ3XSzVy2zWulc6qW11Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSuldNZLXVPbNRU6vay3WbjOXOaqbOeyji3fTeWmie2i7bi5wfYA-&onlineModels=MysteryGirl7&p1=6294502&ruleId=339&segment=hls-MysteryGirl7-1&smartpopId=3564&sourceId=5075902&stripcashR=1&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32594
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
content-type
image/gif
cf-ray
84d12c3568fa7020-CDG
alt-svc
h3=":443"; ma=86400
content-length
103
3971nMZL57yyOWy2hEejXB3h4SIuhs_bPaFRSnI3ZjUuV_b2azYscomuiDV9pYipxiW4kE7o08BWU_c
www.linkbux.com/track/ Frame DA39
1 KB
1 KB
Document
General
Full URL
https://www.linkbux.com/track/3971nMZL57yyOWy2hEejXB3h4SIuhs_bPaFRSnI3ZjUuV_b2azYscomuiDV9pYipxiW4kE7o08BWU_c?url=http%3A%2F%2Fwww.i-run.fr&uid=v030400016140a0f886e628b446c5925c0c00df9acf3e
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=etfpa%3Af%2F0wc.ci2k5u6.4o8%2F6r6c8%2F09011M1L074y3Wv2dEujrB.huS-u.swbFa%25R2nA3%25jtuh_l2uzcsUoBu0D79kYWpxii4pEVoi8mWc_Y%3Farb%3DVtUpZ3I%25SFF2Pw_whiIr4n3fX%26eih%3Dy0O0y050Z6n47a3fk8aet2mbc4xcb9n5l0w0wd%2F9sct3h&e=1&ai=88cc5440c333413390da98580af13aaf&sct=0&ct=1706528136399&cu=a0f886e628b446c5925c0c00df9acf3e&ykuid=66fb30ce552c4a6fa069a63de9eed6ec&sc=1&cs=f2ddf576f6e63a27effcb46f617802de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.238 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c6f62b777da45f80ae05b879db573a0f6fc5cbc351bc09a1d059e74976f6cae1

Request headers

Referer
https://r.linksprf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jan 2024 11:35:37 GMT
EagleId
a3b55c9917065281372392700e
Server
Tengine
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
cache40.l2us2[109,0], ens-cache5.de5[262,0]
1.jpg
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
61 KB
62 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/1.jpg
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/278388/1705586804/css/main.css?1705586804
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9d9b1d309fcf756e2bd55c15e3947b852c1c9c2a8310cb0aaaf4ff3f2abc015c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/278388/1705586804/css/main.css?1705586804
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:50 GMT
Server
AmazonS3
x-amz-request-id
DDX5FWS13JFHYHNG
ETag
"3198f2aac7acb7777db1762c7c3ffe87"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
62803
x-amz-id-2
HQ95CMh0N3l53lAFnN2qHBA2W53Bn/osVhUxwrNkcHxIdCW4v1JhugwRYzcl0GVLrvsnhQO/rvc=
action_icons_20px_2x.png
cdn-dimi.akamaized.net/landings/278388/1705586804/images/ Frame D018
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/278388/1705586804/images/action_icons_20px_2x.png
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/278388/1705586804/css/reviews.css?1705586804
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/278388/1705586804/css/reviews.css?1705586804
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:36 GMT
Last-Modified
Thu, 18 Jan 2024 14:06:49 GMT
Server
AmazonS3
x-amz-request-id
S0CBEFC2FZ9Y1GTY
ETag
"b699975b5fe73b087e711a33ff24ee1e"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1726
x-amz-id-2
ZB9ESioOXAX6/cGJDjCLmEbvXQ9Cj2wz/BWmMUD/poOzPQDJ6ZgIbT05sI3+vt0kHl2UrscIds4=
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame D018
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nrebxx.romancedale.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:34:04 GMT
x-content-type-options
nosniff
age
583292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 17:34:04 GMT
tracking-event
api.webgains.io/ Frame A1A7
16 B
209 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.219.216 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-219-216.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.219.216 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-219-216.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 29 Jan 2024 11:35:36 GMT
server
nginx
report
vast.yomeno.xyz/ Frame 490D
0
324 B
Image
General
Full URL
https://vast.yomeno.xyz/report?katds_ep=NUt67nTw5TQIejIBM0zBPZlwlTywHXvjRzo-WzdVpU3Rkl2HmgSJDFS3RqnrSExxf88oLaantpLtof0VzLI_dAvQLIN7qq-QJLBjeA1pLdKvxOqcwZv9AVLpsUqgS0gGK9_co-OpLRvy9tYoeQplPY66gLJFZpFQsJQ2MMQp_fUj6O6ahjJpTp-6wtslr9_Wak6pLtJIFjapaEZXVAiAGkkQtOR4m8unZPkUdB_G0EwpBOvL0FAe7VmytNiTjJV4OXMspVWo
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=TTGT83ujgt9KKwJqGt0ZAG3AfAm0R86blV3w7G0rSxxbkN9l7aWkISBVytKvCybd&d=CAAg9QVk2t0XoqyAQk11vdqR9GyO8zRf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:36 GMT
server
nginx/1.20.1
vary
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame D47E
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
5392569
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f3a3007506374a305b1a96efe5ee1490
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84d12c37cc736fea-CDG
cdn-requestpullsuccess
True
jquery-3.3.1.min.js
code.jquery.com/ Frame D47E
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4062023
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-lcy-eglc8600079-LCY
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706528137.923335,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 382099
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame D47E
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1029
age
5391964
cdn-cachedat
10/31/2023 19:19:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
961c2b7b2d788121b27e125e4b8e1833
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84d12c37cc786fea-CDG
cdn-requestpullsuccess
True
jGP2
gdurl.com/ Frame D47E
0
0
Image
General
Full URL
https://gdurl.com/jGP2
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

FEXJ
gdurl.com/ Frame D47E
0
0
Image
General
Full URL
https://gdurl.com/FEXJ
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Lj3C
gdurl.com/ Frame D47E
0
0
Image
General
Full URL
https://gdurl.com/Lj3C
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

3ZLr
gdurl.com/ Frame D47E
0
0
Image
General
Full URL
https://gdurl.com/3ZLr
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

3UK1
gdurl.com/ Frame D47E
0
0
Image
General
Full URL
https://gdurl.com/3UK1
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

y13a
gdurl.com/ Frame D47E
0
0
Image
General
Full URL
https://gdurl.com/y13a
Requested by
Host: pkuwp.sandothesooile.info
URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pkuwp.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 272A
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
5392569
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f3a3007506374a305b1a96efe5ee1490
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84d12c37cc756fea-CDG
cdn-requestpullsuccess
True
jquery-3.3.1.min.js
code.jquery.com/ Frame 272A
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4062023
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-lcy-eglc8600079-LCY
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706528137.923433,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 382100
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 272A
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1029
age
5391964
cdn-cachedat
10/31/2023 19:19:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
961c2b7b2d788121b27e125e4b8e1833
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84d12c37cc796fea-CDG
cdn-requestpullsuccess
True
jGP2
gdurl.com/ Frame 272A
0
0
Image
General
Full URL
https://gdurl.com/jGP2
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

FEXJ
gdurl.com/ Frame 272A
0
0
Image
General
Full URL
https://gdurl.com/FEXJ
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Lj3C
gdurl.com/ Frame 272A
0
0
Image
General
Full URL
https://gdurl.com/Lj3C
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

3ZLr
gdurl.com/ Frame 272A
0
0
Image
General
Full URL
https://gdurl.com/3ZLr
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

3UK1
gdurl.com/ Frame 272A
0
0
Image
General
Full URL
https://gdurl.com/3UK1
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

y13a
gdurl.com/ Frame 272A
0
0
Image
General
Full URL
https://gdurl.com/y13a
Requested by
Host: xdufs.sandothesooile.info
URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.239.7.51 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
rommelsantor.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xdufs.sandothesooile.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

api_dynamic.js
cdn-eu.dynamicyield.com/api/9879818/ Frame C312
594 KB
62 KB
Script
General
Full URL
https://cdn-eu.dynamicyield.com/api/9879818/api_dynamic.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:c200:1c:faf:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
f1609f547a7db295769d792f946dbdd3c4cb7837ba4b0dab157cc3f8f5800408

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:36 GMT
content-encoding
gzip
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
last-modified
Sun, 28 Jan 2024 10:15:26 GMT
server
DYCDN
age
2
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
W/"2c7372fd6485fe2652e81ca3fe15cc90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
dPcgPujDWwQFDlff_1_xmpuMviQ3yjDmR4nfXACOo-qkvMkasRzVmw==
api_static.js
cdn-eu.dynamicyield.com/api/9879818/ Frame C312
389 KB
115 KB
Script
General
Full URL
https://cdn-eu.dynamicyield.com/api/9879818/api_static.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:c200:1c:faf:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
4465ae539c01e67a60534fe1492cf9ef7c7d6c6afc1b5a997b3c66a007650501

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:56:29 GMT
content-encoding
gzip
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
last-modified
Sun, 28 Jan 2024 10:15:27 GMT
server
DYCDN
age
2349
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
W/"9bdc2cf7bb033f2f525f384251471823"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
N3ttg1dNe718pSFwYOT7EFDLrK4hqh_LUJXWTcNXZToDS9BFUjicNw==
sm15-global.css
www.hp.com/fr-fr/shop/html/headermenus/css/ Frame C312
260 KB
46 KB
Stylesheet
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4dc3c993cb3c2d6f8281e8689764cc607bcb0431d754c85eded1b766369fa275
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Tue, 23 Jan 2024 10:03:29 GMT
server
akamai-grn
0.96a02417.1706528137.695485ca
etag
"4fa6406ae34dda1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=254387
server-timing
ak_p; desc="1706528137063_388276374_1767146954_5707_13698_33_0_255";dur=1
accept-ranges
bytes
content-length
47168
expires
Thu, 01 Feb 2024 10:15:24 GMT
hpsimplified_lt.woff
www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/ Frame C312
40 KB
40 KB
Font
General
Full URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/hpsimplified_lt.woff
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
be7c3dbbb8fbafe5a2cd498c3afb85da32856354c0482cf156797c07840cd8ab
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Origin
https://www.hp.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 02:25:34 GMT
server
akamai-grn
0.96a02417.1706528137.695485cc
etag
"0a3f260b3fcd91:0"
content-type
font/x-woff
cache-control
max-age=7252528
server-timing
ak_p; desc="1706528137063_388276374_1767146956_5707_13612_33_0_219";dur=1
accept-ranges
bytes
content-length
41032
expires
Mon, 22 Apr 2024 10:11:05 GMT
hpsimplified_rg.woff
www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/ Frame C312
33 KB
34 KB
Font
General
Full URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/hpsimplified_rg.woff
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e8b595117a19079c84d068fb40d01dd517ed6eb95236a1f980cb3bd2de0e6e10
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Origin
https://www.hp.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 02:25:34 GMT
server
akamai-grn
0.96a02417.1706528137.695485cd
etag
"0a3f260b3fcd91:0"
content-type
font/x-woff
cache-control
max-age=7252531
server-timing
ak_p; desc="1706528137063_388276374_1767146957_5711_13558_33_0_219";dur=1
accept-ranges
bytes
content-length
33984
expires
Mon, 22 Apr 2024 10:11:08 GMT
hpsimplified_bd.woff
www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/ Frame C312
32 KB
32 KB
Font
General
Full URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/hp-simplified/hpsimplified_bd.woff
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6eafbec64e77f472e4720532746f058934cf0ad44f1f3a25d9dcb5e26a545d37
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Origin
https://www.hp.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 02:25:34 GMT
server
akamai-grn
0.96a02417.1706528137.695485ce
etag
"0a3f260b3fcd91:0"
content-type
font/x-woff
cache-control
max-age=7252496
server-timing
ak_p; desc="1706528137063_388276374_1767146958_5731_13363_33_0_219";dur=1
accept-ranges
bytes
content-length
32640
expires
Mon, 22 Apr 2024 10:10:33 GMT
jquery.plugins.min.js
www.hp.com/fr-fr/shop/html/headermenus/js/libs/ Frame C312
101 KB
29 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/js/libs/jquery.plugins.min.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63ae5d14ceffc2560197362022f839b1c6418420cf035f90efa1d58fdaaf6911
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Sat, 14 Sep 2019 04:07:21 GMT
server
akamai-grn
0.96a02417.1706528137.695485cf
etag
"8a1f20e8b16ad51:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254389
server-timing
ak_p; desc="1706528137063_388276374_1767146959_5714_13614_33_0_219";dur=1
accept-ranges
bytes
content-length
29255
expires
Thu, 01 Feb 2024 10:15:26 GMT
app.page.all.js
www.hp.com/fr-fr/shop/html/headermenus/js/ Frame C312
133 KB
41 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/js/app.page.all.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c41175ddbba421a4203d9401dd8b6deaf861fe8a94de6119c184245e5644abb1
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Thu, 18 Jan 2024 12:47:57 GMT
server
akamai-grn
0.96a02417.1706528137.695485d0
etag
"14cb2390c4ada1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254396
server-timing
ak_p; desc="1706528137063_388276374_1767146960_5714_13641_33_0_219";dur=1
accept-ranges
bytes
content-length
41053
expires
Thu, 01 Feb 2024 10:15:33 GMT
jquery-1.8.3.min.js
www.hp.com/fr-fr/shop/js/ Frame C312
91 KB
33 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Thu, 12 Oct 2023 02:23:48 GMT
server
akamai-grn
0.96a02417.1706528137.695485d1
etag
"052c421b3fcd91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=81369
server-timing
ak_p; desc="1706528137063_388276374_1767146961_5716_13478_33_0_219";dur=1
accept-ranges
bytes
content-length
33471
expires
Tue, 30 Jan 2024 10:11:46 GMT
html-entity-encoder.min.js
www.hp.com/fr-fr/shop/html/headermenus/js/libs/ Frame C312
73 KB
30 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/js/libs/html-entity-encoder.min.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b09c581d98c57faa63e84fa1726be83c87f1389b467e505c041d9724fc745c7
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
akamai-grn
0.96a02417.1706528137.695485d2
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137063_388276374_1767146962_5720_13538_33_0_219";dur=1
content-length
30092
last-modified
Thu, 19 Oct 2023 15:38:20 GMT
server
mpulse_cdn_cache
HIT
etag
"9427a49a22da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=81360
accept-ranges
bytes
expires
Tue, 30 Jan 2024 10:11:37 GMT
luxon.min.js
www.hp.com/fr-fr/shop/html/assets/js/libs/ Frame C312
72 KB
22 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/html/assets/js/libs/luxon.min.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ca83240c05ccf168cf37af4e0a3c7aad972eba950e1a534537309627fc53373d
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
akamai-grn
0.96a02417.1706528137.695485d3
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137063_388276374_1767146963_5742_13034_33_0_219";dur=1
content-length
22008
last-modified
Tue, 31 Oct 2023 16:42:36 GMT
server
mpulse_cdn_cache
HIT
etag
"ea2b444119cda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=81438
accept-ranges
bytes
expires
Tue, 30 Jan 2024 10:12:55 GMT
js
www.paypal.com/sdk/ Frame C312
264 KB
79 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AVVMTE5uxXyRT_foWCIo0ACPx-7RylnMKpTthDmyWnz3oR_8z_6KpQ3sxYdo45YG4D-rQNcckBq1TxFK&currency=EUR&components=messages
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c443f66a6bd1caa9ba9371084fb82bfc6ca6266737c48dd76e68d6543a90320
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 29 Jan 2024 11:35:37 GMT
age
10664
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, HIT, MISS
p3p
true
paypal-debug-id
f874506338222
server-timing
"traceparent;desc="00-0000000000000000000f874506338222-e8d97c64c3488868-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79274
x-xss-protection
1; mode=block
x-served-by
cache-lhr7349-LHR, cache-lcy-eglc8600059-LCY, cache-lcy-eglc8600059-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f874506338222-9670aa710ba12db9-01
x-timer
S1706528137.015830,VS0,VE4
etag
W/"135aa-0YF4xu0OX/xx07wWxZpu514QSOI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 7, 0
homepage.css
www.hp.com/fr-fr/shop/html/headermenus/css/ Frame C312
36 KB
7 KB
Stylesheet
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/css/homepage.css?merchSv=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
127eef90ad478ed2f4f646713a6e90e7b2b203c3c3e0731f09158b1c3c5c21f0
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Thu, 25 Jan 2024 10:07:38 GMT
server
akamai-grn
0.96a02417.1706528137.695485cb
etag
"e9605e53764fda1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=255009
server-timing
ak_p; desc="1706528137063_388276374_1767146955_5723_13502_33_0_255";dur=1
accept-ranges
bytes
content-length
7154
expires
Thu, 01 Feb 2024 10:25:46 GMT
71a8d5e6
www.hp.com/akam/13/ Frame C312
26 KB
9 KB
Script
General
Full URL
https://www.hp.com/akam/13/71a8d5e6
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
287605180cd13181651cae4edd377be5a63cdd2ecd431c9e07bd6ccaab6c2f5e
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Wed, 09 Feb 2022 15:08:14 GMT
akamai-grn
0.96a02417.1706528137.69548dec
etag
"947067b72132cee3b7d5591468686dc94b6576e80746a533f5b386cf62c6b002"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1706528137479_388276374_1767149036_160_7619_31_0_146";dur=1
content-length
8756
expires
Mon, 29 Jan 2024 11:35:37 GMT
windows10_mda.png
www.hp.com/fr-fr/shop/Html/HeaderMenus/images/ Frame C312
2 KB
2 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/HeaderMenus/images/windows10_mda.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
93065ab750c1916d62bab59ec8fb1140ee73b5a0908f5da7a983b83fe623b3af
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Tue, 27 Jul 2021 14:04:02 GMT
server
akamai-grn
0.96a02417.1706528137.69548ded
etag
"9767941f082d71:0"
content-type
image/png
cache-control
max-age=0, no-cache
server-timing
ak_p; desc="1706528137480_388276374_1767149037_131_13203_31_0_146";dur=1
accept-ranges
bytes
content-length
1980
expires
Mon, 29 Jan 2024 11:35:37 GMT
24C1-FR-Winter-Sale-Consumer-SB-Carousel-MOBILE-720x350_659823a560212.jpg
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
91 KB
92 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-Carousel-MOBILE-720x350_659823a560212.jpg
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b7d7fd7f64ddee014613b92a0276242a4b0baee340c762dcad4033a2bb25df8
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 15:43:33 GMT
server
akamai-grn
0.96a02417.1706528137.695485d5
mpulse_cdn_cache
MISS
etag
"d8b55bf0ed3fda1:0"
content-type
image/jpeg
cache-control
max-age=31012517
mpulse_origin_time
98
server-timing
ak_p; desc="1706528137064_388276374_1767146965_5772_12748_33_0_182";dur=1
accept-ranges
bytes
content-length
93520
expires
Wed, 22 Jan 2025 10:10:54 GMT
24C1-FR-HP-Store-Employee-SB-Carousel-MOBILE-720x350_65a52c348600d.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
100 KB
100 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-HP-Store-Employee-SB-Carousel-MOBILE-720x350_65a52c348600d.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
171c28a4d21a547826bdcb4b788e9ae81fb9f72d23d34934388cfe7240881b79
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Mon, 15 Jan 2024 12:59:32 GMT
server
akamai-grn
0.96a02417.1706528137.695485d6
mpulse_cdn_cache
HIT
etag
"364ae5aeb247da1:0"
content-type
image/png
cache-control
max-age=31027004
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137063_388276374_1767146966_5720_13408_33_0_182";dur=1
accept-ranges
bytes
content-length
102326
expires
Wed, 22 Jan 2025 14:12:21 GMT
23C3-FR-Spectre-Edna-Store-Banners-Carousel-MOBILE-720x350_651ee7f7b77e0.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
123 KB
124 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/23C3-FR-Spectre-Edna-Store-Banners-Carousel-MOBILE-720x350_651ee7f7b77e0.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c2acc9a63cc0a9b85b1eb0f8205ef8c4327806c20c3f4981b481192da860ff0b
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 16:44:39 GMT
server
akamai-grn
0.96a02417.1706528137.69548ba3
mpulse_cdn_cache
MISS
etag
"3afab03babf7d91:0"
content-type
image/png
cache-control
max-age=31015565
mpulse_origin_time
109
server-timing
ak_p; desc="1706528137363_388276374_1767148451_29_15245_31_0_182";dur=1
accept-ranges
bytes
content-length
125995
expires
Wed, 22 Jan 2025 11:01:42 GMT
truncated
/ Frame 272A
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c70fdef209cafd69edc3772f7189d87ff99bb3c96f422103482d8fe58eb21aa0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 272A
50 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cb1c020793621bdbf546362e835626223e7b1d28a8054152ad758cf81ab9aea

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 272A
45 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdcbb7ce1d42f974cd2233669f1d3ef225620f309d864bef1af16d4754d95086

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 272A
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b37c8443c8ed487a8ea27249c5c748bf5d7f0021e6799bb306fbdbfc793cfc6c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 272A
88 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6eaf4eaca19e1ea739b24e3ae3ea55cf0df20d6e67cb4bccbda6b2847ddca6b5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 272A
90 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecfbed11c9ed3f324e869c76e3025806948a6b51a0ac81bf6292042c9c245385

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
activeview
pagead2.googlesyndication.com/pcs/ Frame A1A9
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-8G25DD7JiOroEw-stvfLAuwcciM6TCCCXsZcy9y5cy9mtw0NNE2cS2easqADGmOBg-lYyFyf8jj0481JpGMDRhgr25Wy3IlKzpUTGSG8YiycEIuYt8L4EpcEoYZf30aeitbrg574mw6KqL6qh07aft27&sai=AMfl-YTaQRRn3mONgsnwP8zkBIcQ9R7k2y-4VLLX4__meqNQri_e0GIpw_q3j2v_c88a4lfV-5PpJn38eJr9KRe-6ncKPm3YqS-HC8trlRMj2p3QzFssQiJcjGv8bwrV7o4yLFEZMwLvGXtxmLzy9NEO8g&sig=Cg0ArKJSzDL6cPyFlNmeEAE&cid=CAQSTwAvHhf_6V508KMI043vFZjxQPcz3W4LSoUfdeslpUDXmX3u7cwFlG2sfGr3OIJRCM50rS7MPc7Zt8DOHcSBxKLqhM3R5YGX3KpvMYpTn44YAQ&id=lidar2&mcvt=1181&p=0,0,90,728&mtos=939,1181,1181,1181,1181&tos=939,242,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170652813500&rst=1706528135435&rpt=461&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ak.whookroo.com/ Frame 30D2
0
0
Document
General
Full URL
https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false&rb=RoI0FbOohkRFXNza9Qm6CtDoBqN5kH4otFhM7zyCvncKtZCZ5yo6mac94eCIl_uI3UoDle3r33kUhMcdKx2m3MP2U8wKg8dvJytcLrm8njh4uta9Tx4faNDFMTUUJRGo3wSeLUtJkt3o2YQ4EkSp6aCyIrlNyyskEVX5rxCBuZjfjCMd-EUJ96-az_LOP2aAb06yCqjpBPU8o4RvliSG1fDMgPRd441DAQkqApfKmVUvqpKHl2enwnV5d6nJxRfwK6rxx1H7r3k0oKtEQE4Yxrc_JBNXFkvuf76LTA==&sfr=timeout
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ak.whookroo.com/afu.php?zoneid=6600082&var=6600082&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
date
Mon, 29 Jan 2024 11:35:37 GMT
expires
Mon, 29 Jan 2024 11:35:37 GMT
pragma
no-cache
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
/
ak.whookroo.com/ Frame FE52
0
0
Document
General
Full URL
https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false&rb=LRwW8VhudYaBZRAv9dHbicV0-xdXqJCFNZfpUWwTYH2SRmYhsH4lha3LCtkWk-78rsX_p1wSgL_VcPLJ8QxNx5ZwCFcoJ6-E8VvllBQqzDtIPwWNbsKDQW0dzxT9t6OMYje2jkvTFWg62KI8Fii35Uwu0w2Y1nRZoDhfKlwyFzmBW5UvxrSsILtzOTeMbcBRH8VZ09mHRcE0KnRfFJMQvKQTBHPe602BSHnLUZCasvvTxzV0BoJD0Ke1R9LXZwEgF1zf8CBkQDrkn0kQG-hEVG1WtIe7LEssgnbUkg==&sfr=timeout
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ak.whookroo.com/afu.php?zoneid=6600082&var=6600082&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
date
Mon, 29 Jan 2024 11:35:37 GMT
expires
Mon, 29 Jan 2024 11:35:37 GMT
pragma
no-cache
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
/
ak.whookroo.com/ Frame 1116
0
0
Document
General
Full URL
https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false&rb=r9HRRBzA6-RIzzc4tWzIu-kIX0iEvqdZQIwZGmEC4KwecH78C-IQX00vk9Gu6jaKIWCsY4JnL512ed1Z_NQQQJyx0J5uFvGIw9iFMHA3Jz9ObkQzFg0u9dWTm49fsHhlbB4zT_26jWAYRhpYx_aeh2nnl34hQ9uLswE8GSyr_gPVGyxWvtRtkRt1NgopYPOXG72eLqcHFFa0L3AbaztY4GaZKboQY-yELm9aW3RgQia3FWl2wGdVf-D7B-HVCrdJ3gMBJpfLr26zwbUYMEeHiRNrb8Ic_uCp8clevA==&sfr=timeout
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ak.whookroo.com/afu.php?zoneid=6600082&var=6600082&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
date
Mon, 29 Jan 2024 11:35:37 GMT
expires
Mon, 29 Jan 2024 11:35:37 GMT
pragma
no-cache
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
truncated
/ Frame D47E
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c70fdef209cafd69edc3772f7189d87ff99bb3c96f422103482d8fe58eb21aa0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame D47E
50 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cb1c020793621bdbf546362e835626223e7b1d28a8054152ad758cf81ab9aea

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D47E
45 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdcbb7ce1d42f974cd2233669f1d3ef225620f309d864bef1af16d4754d95086

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D47E
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b37c8443c8ed487a8ea27249c5c748bf5d7f0021e6799bb306fbdbfc793cfc6c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D47E
88 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6eaf4eaca19e1ea739b24e3ae3ea55cf0df20d6e67cb4bccbda6b2847ddca6b5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D47E
90 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecfbed11c9ed3f324e869c76e3025806948a6b51a0ac81bf6292042c9c245385

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
activeview
pagead2.googlesyndication.com/pcs/ Frame F813
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFPWFD72zrkT6uFDpYc9GavquDGaszmqhWN6Ehx90t7QhMZZxsI4KZeXNH-PLvHf8glSXQZrwW5GMOVcRxsr2qBIRwf_lHxO4Q5IFH7CXixHT_mbbHGbH57s970NzxmPD2umxUVqyI7a5qdNe1nv7H0F6F&sai=AMfl-YQhdJhwJaPh9aAqYX2Eya8EFZvTP01EUrw-zxkIHnBZRBkWZ83H3zboxLWNTWMGFeAy1gd1nnXeBb9ux1Nwq_lFqcxK4duRfmSXDs5zC3FEs33hKLqkE_ZLHZVWxXV_WoaZiqlzAoVaUyNOoWR8gA&sig=Cg0ArKJSzEUZtK3EBFlLEAE&cid=CAQSTwAvHhf_6V508KMI043vFZjxQPcz3W4LSoUfdeslpUDXmX3u7cwFlG2sfGr3OIJRCM50rS7MPc7Zt8DOHcSBxKLqhM3R5YGX3KpvMYpTn44YAQ&id=lidar2&mcvt=1215&p=0,0,600,160&mtos=1215,1215,1215,1215,1215&tos=1215,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170652813500&rst=1706528135361&rpt=614&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hpapi.min.js
www.hp.com/fr-fr/shop/js/webapijs/ Frame C312
33 KB
5 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/js/webapijs/hpapi.min.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5e6383aa6ea59d91ca3f151208063fe01f3f9260e166190ffe0d866458e93ae2
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Thu, 12 Oct 2023 02:23:46 GMT
server
akamai-grn
0.96a02417.1706528137.69548c1d
etag
"0259320b3fcd91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=81340
server-timing
ak_p; desc="1706528137385_388276374_1767148573_254_16478_31_0_182";dur=1
accept-ranges
bytes
content-length
4222
expires
Tue, 30 Jan 2024 10:11:17 GMT
application.js
www.hp.com/fr-fr/shop/html/headermenus/js/ Frame C312
33 KB
10 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/js/application.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c0ffcf44b96c336b14aa356ab1884f378e8f0e4f35c8b79310a86b5171c5e41d
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Tue, 23 Jan 2024 10:13:48 GMT
server
akamai-grn
0.96a02417.1706528137.69548cf5
etag
"fd5337dbe44dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254336
server-timing
ak_p; desc="1706528137430_388276374_1767148789_139_15052_31_0_182";dur=1
accept-ranges
bytes
content-length
9428
expires
Thu, 01 Feb 2024 10:14:33 GMT
privacy-banner.js
www.hp.com/cma/ng/lib/exceptions/ Frame C312
17 KB
9 KB
Script
General
Full URL
https://www.hp.com/cma/ng/lib/exceptions/privacy-banner.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7de78518bec6f905ce315eba5bc7207cfee92762da2654a2f1dea6950464eda2
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
server
Apache
akamai-grn
0.96a02417.1706528137.69548dee
etag
"60eb03cc76f40"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=7200
server-timing
ak_p; desc="1706528137479_388276374_1767149038_117_13484_31_0_146";dur=1
accept-ranges
bytes
content-length
8902
expires
Mon, 29 Jan 2024 13:35:37 GMT
MbYD4vfCs
www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/ Frame C312
224 KB
83 KB
Script
General
Full URL
https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af40c3be0c65276c41db6bed0e54de7fec50dfe851b87938583bd102417f718d
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
br
strict-transport-security
max-age=600
last-modified
Wed, 02 Aug 2023 16:13:26 GMT
akamai-grn
0.96a02417.1706528137.69548deb
etag
"d15999c060cd843cceffa40902030823965674cd54ab7971bcc3b2327250044a"
stored-attribute-sha-checksum
af40c3be0c65276c41db6bed0e54de7fec50dfe851b87938583bd102417f718d
content-type
application/javascript
cache-control
max-age=21600
server-timing
ak_p; desc="1706528137480_388276374_1767149035_145_6974_31_0_182";dur=1
content-length
83647
expires
Wed, 28 Feb 2024 00:03:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 28DC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPaPwDDG7eQs91bU-m3ZEwAPyXZTk12_DHi_53Tis2cB2A949FdvugrSD-hDM44kccQUS_RtHtBOnYGVYl6hujWzLUcdRLaHH3ehhbqVw3W-D47X7CoMVGhwsyPhX9ae5l4cIc6NRaA4CSgitoKif5Nm2s&sai=AMfl-YTSI9y007LLn8A-41Zj9bSljj8g0R7OyYlsE8R677kr7ULS_g7uwUdoXqM0u54PeJbpaATx0rWw2zJYoVgODLJ-W6PF409fxgBOMbsJlr0V8vbsohsyzltXzAjC5aVIOKoPWPLN7Oe0siyZNPJdeg&sig=Cg0ArKJSzNP9_rt_HVCMEAE&cid=CAQSTwAvHhf_6V508KMI043vFZjxQPcz3W4LSoUfdeslpUDXmX3u7cwFlG2sfGr3OIJRCM50rS7MPc7Zt8DOHcSBxKLqhM3R5YGX3KpvMYpTn44YAQ&id=lidar2&mcvt=1179&p=0,0,600,160&mtos=1179,1179,1179,1179,1179&tos=1179,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170652813500&rst=1706528135404&rpt=575&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
offmantiner.com/ Frame 4515
0
0
Document
General
Full URL
https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false&rb=FLf1ZnqFoweMbjCozKKtSCrg4CjONLRuF-xrmFRFWJMvNaKbGyjbAiaNcsyngfYzp7ZDT9TINXhWEbo5M_S2FQ_3WcuoTr1XEqYXj0iaCWkNeiAZDMd1MTx4U5US71YTXMi-GCLKpJJS3p2y4i9XoIGVTfm-qy8YmIqFc2vt9mT15NMcXvoTQUXoqTC-Ca8u1OoYvyg8MmWGnWa9LUXUj3BBYB83eWHq-3RfZvRvdTeGPfOOPmVDEFKMmKawvo9GvV5avPYb6jiNppWmc6cojrgp27cqt8AXeh2mNzQByrvRIvr4EGjzNIG5V9Jnh_zEDahr2q6BwGuaZ1FEcCbv3N9hnMs=&sfr=timeout
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://offmantiner.com/afu.php?zoneid=6120639&var=6120639&rid=X9ByeUB6lykvSb0mSmFbHw%3D%3D&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
date
Mon, 29 Jan 2024 11:35:37 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
truncated
/ Frame 69CB
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=tMY6sTbEH1U_0&ci=-691964770409688744&t=1579153193&h=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C312
402 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b82d28afc20e615477613949f07b8a8864cf09b19541f413e14ff6e6f6a9056d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
cta-logo.png
gis.goinstore.com/gis/images/img/ Frame C312
35 KB
36 KB
Image
General
Full URL
https://gis.goinstore.com/gis/images/img/cta-logo.png?retailerToken=e7139f08-440b-4b1f-a5a7-2ed313928a4f
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.9.11 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-9-11.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
decf395ad45761069830e90d1241f83ef99d19e79e4906d48b8e339003d69f57
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.goinstore.com https://*.premiumretail.io; script-src 'self' https://*.goinstore.com https://*.premiumretail.io https://*.opentok.com https://*.zencdn.net https://cdn.jsdelivr.net https://*.bootstrapcdn.com; connect-src 'self' https://*.goinstore.com https://*.premiumretail.io https://*.opentok.com https://*.loggly.com https://*.tokbox.com wss://*.tokbox.com https://*.zencdn.net https://cdn.jsdelivr.net; style-src 'self' https://*.goinstore.com https://*.premiumretail.io https://*.zencdn.net https://*.bootstrapcdn.com https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' https://*.goinstore.com https://*.premiumretail.io data: ; media-src 'self' https://*.goinstore.com https://*.premiumretail.io; font-src 'self' https://*.goinstore.com https://*.premiumretail.io https://fonts.googleapis.com https://*.bootstrapcdn.com https://*.gstatic.com/;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self' https://*.goinstore.com https://*.premiumretail.io; script-src 'self' https://*.goinstore.com https://*.premiumretail.io https://*.opentok.com https://*.zencdn.net https://cdn.jsdelivr.net https://*.bootstrapcdn.com; connect-src 'self' https://*.goinstore.com https://*.premiumretail.io https://*.opentok.com https://*.loggly.com https://*.tokbox.com wss://*.tokbox.com https://*.zencdn.net https://cdn.jsdelivr.net; style-src 'self' https://*.goinstore.com https://*.premiumretail.io https://*.zencdn.net https://*.bootstrapcdn.com https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' https://*.goinstore.com https://*.premiumretail.io data: ; media-src 'self' https://*.goinstore.com https://*.premiumretail.io; font-src 'self' https://*.goinstore.com https://*.premiumretail.io https://fonts.googleapis.com https://*.bootstrapcdn.com https://*.gstatic.com/;
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/png;charset=UTF-8
content-length
35990
x-xss-protection
0
truncated
/ Frame C312
1014 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c7503206f9bd871bfbbf75eb991b37b0d8a77d32efa2f07c79348ab88ab04b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C312
1018 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85f83bbe07d381c50827f9b52fdefbcb0474974953785dba152d7d556598d3c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C312
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5dc036bd00efe751a3fb50c76d665056cd0a24263f6bac82473d38984a05c9f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
24C1-FR-Winter-Sale-Consumer-SB-Carousel-1904x445_6598230900a73.jpg
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
233 KB
233 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-Carousel-1904x445_6598230900a73.jpg
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b73591b9b3e56652cd94798155b7048730a3e701902f080c6d95db44e6004538
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 15:40:56 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc1
mpulse_cdn_cache
MISS
etag
"afc92693ed3fda1:0"
content-type
image/jpeg
cache-control
max-age=31012514
mpulse_origin_time
100
server-timing
ak_p; desc="1706528137578_388276374_1767149505_84_12113_39_0_146";dur=1
accept-ranges
bytes
content-length
238541
expires
Wed, 22 Jan 2025 10:10:51 GMT
24C1-FR-HP-Store-Employee-SB-Carousel-1904x445_65a52c259d9b5.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
166 KB
167 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-HP-Store-Employee-SB-Carousel-1904x445_65a52c259d9b5.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d445b10d6bfaaf61918bab531e287c085784ca6f12ea5e4e6a4a473517daf6f3
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Mon, 15 Jan 2024 12:59:17 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc2
mpulse_cdn_cache
HIT
etag
"c327a6b247da1:0"
content-type
image/png
cache-control
max-age=31027038
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137581_388276374_1767149506_341_8729_39_0_146";dur=1
accept-ranges
bytes
content-length
170275
expires
Wed, 22 Jan 2025 14:12:55 GMT
23C3-FR-Spectre-Edna-Store-Banners-Carousel-1904x445_651ee7e901ee1.jpg
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
179 KB
179 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/23C3-FR-Spectre-Edna-Store-Banners-Carousel-1904x445_651ee7e901ee1.jpg
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
256da8225f771c00efc3840bdf4a86b7eb748c738ac43b8b0312086942164023
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 16:44:24 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc5
mpulse_cdn_cache
MISS
etag
"312ee732abf7d91:0"
content-type
image/jpeg
cache-control
max-age=31015498
mpulse_origin_time
104
server-timing
ak_p; desc="1706528137578_388276374_1767149509_95_11977_39_0_146";dur=1
accept-ranges
bytes
content-length
182911
expires
Wed, 22 Jan 2025 11:00:35 GMT
chevron-bg-2-left_6352ab6b9909e.png
www.hp.com/gb-en/shop/Html/Merch/Banners/ Frame C312
266 B
662 B
Image
General
Full URL
https://www.hp.com/gb-en/shop/Html/Merch/Banners/chevron-bg-2-left_6352ab6b9909e.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
15bd5e46b9a40115a18b8c72b1954d7e9aa86013f5453e8ea4428fa68730f693
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Fri, 21 Oct 2022 14:23:39 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc6
etag
"6d32e2b658e5d81:0"
content-type
image/png
cache-control
max-age=31012464
server-timing
ak_p; desc="1706528137578_388276374_1767149510_80_11916_39_0_146";dur=1
accept-ranges
bytes
content-length
266
expires
Wed, 22 Jan 2025 10:10:01 GMT
chevron-bg-2-right_6352ab6d21570.png
www.hp.com/gb-en/shop/Html/Merch/Banners/ Frame C312
247 B
678 B
Image
General
Full URL
https://www.hp.com/gb-en/shop/Html/Merch/Banners/chevron-bg-2-right_6352ab6d21570.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c322c6f83c6ad4eb1e5be2b663fef3852e70addbdc49345aa5ebe761b3e957b1
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Fri, 21 Oct 2022 14:23:41 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc7
mpulse_cdn_cache
HIT
etag
"a0c1c8b758e5d81:0"
content-type
image/png
cache-control
max-age=31012437
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137578_388276374_1767149511_88_11983_39_0_146";dur=1
accept-ranges
bytes
content-length
247
expires
Wed, 22 Jan 2025 10:09:34 GMT
24C1-FR-Winter-Sale-Consumer-SB-NTB-Spectrex360-14-Dashiell-Black-Single-Mosaic-253x418_659e782eb2a0c.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
37 KB
38 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-NTB-Spectrex360-14-Dashiell-Black-Single-Mosaic-253x418_659e782eb2a0c.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ae95dd813d041cbda8eaaa855f6950edb18d17090ca9f1d3257f68efc7e49bcf
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:57:50 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc8
mpulse_cdn_cache
MISS
etag
"42519edab343da1:0"
content-type
image/png
cache-control
max-age=31012476
mpulse_origin_time
98
server-timing
ak_p; desc="1706528137578_388276374_1767149512_89_11962_39_0_146";dur=1
accept-ranges
bytes
content-length
38237
expires
Wed, 22 Jan 2025 10:10:13 GMT
24C1-FR-Winter-Sale-Consumer-SB-NTB-OMEN-17-Cybug-Single-Mosaic-253x418_659e786b4253e.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
59 KB
60 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-NTB-OMEN-17-Cybug-Single-Mosaic-253x418_659e786b4253e.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1f8e5df2ea8e7735c63689aaea200709ef1525a450f00a46bb689bfc60a27a2
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:58:51 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc9
mpulse_cdn_cache
MISS
etag
"8378b4feb343da1:0"
content-type
image/png
cache-control
max-age=31012526
mpulse_origin_time
119
server-timing
ak_p; desc="1706528137579_388276374_1767149513_133_11314_39_0_146";dur=1
accept-ranges
bytes
content-length
60498
expires
Wed, 22 Jan 2025 10:11:03 GMT
24C1-FR-Winter-Sale-Consumer-SB-DTP-AiO-ENVY-34-Montes-Single-Mosaic-253x418_659e77c613997.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
41 KB
42 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-DTP-AiO-ENVY-34-Montes-Single-Mosaic-253x418_659e77c613997.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1a3a3eb93d9b6ffced0ce13a8e186a7b97833313cd12115e2ccc708fe4f5197e
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:06 GMT
server
akamai-grn
0.96a02417.1706528137.69548fca
mpulse_cdn_cache
HIT
etag
"c4893d9cb343da1:0"
content-type
image/png
cache-control
max-age=31012503
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137578_388276374_1767149514_89_11824_39_0_146";dur=1
accept-ranges
bytes
content-length
42490
expires
Wed, 22 Jan 2025 10:10:40 GMT
24C1-FR-Winter-Sale-Consumer-SB-DTP-OMEN-45L-Articuno-Single-Mosaic-253x418_659e77c661d76.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
21 KB
22 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-DTP-OMEN-45L-Articuno-Single-Mosaic-253x418_659e77c661d76.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c81a4f34edeccc6ff9977a3a859df56c36e63ef132a20ec4bc82ef568b55f5b5
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:06 GMT
server
akamai-grn
0.96a02417.1706528137.69549021
mpulse_cdn_cache
HIT
etag
"143b6c9cb343da1:0"
content-type
image/png
cache-control
max-age=31012482
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137598_388276374_1767149601_28_12323_39_0_146";dur=1
accept-ranges
bytes
content-length
21760
expires
Wed, 22 Jan 2025 10:10:19 GMT
24C1-FR-Winter-Sale-Consumer-SB-MTO-OMEN-25i-Single-Mosaic-253x418_659e77c6ada9f.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
72 KB
73 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-MTO-OMEN-25i-Single-Mosaic-253x418_659e77c6ada9f.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7f740f92289b334ca0ea7383fd4117bc8fc798163faec316a7a98624e0c55aae
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:06 GMT
server
akamai-grn
0.96a02417.1706528137.69549022
mpulse_cdn_cache
MISS
etag
"f6d29d9cb343da1:0"
content-type
image/png
cache-control
max-age=31012491
mpulse_origin_time
108
server-timing
ak_p; desc="1706528137598_388276374_1767149602_50_12352_39_0_146";dur=1
accept-ranges
bytes
content-length
74190
expires
Wed, 22 Jan 2025 10:10:28 GMT
24C1-FR-Winter-Sale-Consumer-SB-PRN-DeskJet-2700-Taccola-Single-Mosaic-253x418_659e77c755528.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
26 KB
26 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-PRN-DeskJet-2700-Taccola-Single-Mosaic-253x418_659e77c755528.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d1306ad1c26ce36648efaa24d69b6d1a89eef95edf2980e692e09d2a77f5a3fd
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:07 GMT
server
akamai-grn
0.96a02417.1706528137.69549023
mpulse_cdn_cache
MISS
etag
"84d1fb9cb343da1:0"
content-type
image/png
cache-control
max-age=31012537
mpulse_origin_time
94
server-timing
ak_p; desc="1706528137598_388276374_1767149603_31_12229_39_0_146";dur=1
accept-ranges
bytes
content-length
26540
expires
Wed, 22 Jan 2025 10:11:14 GMT
24C1-FR-Winter-Sale-Consumer-SB-ACC-Mix-Gaming-Single-Mosaic-253x418_659e77c5bc58c.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
47 KB
48 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Consumer-SB-ACC-Mix-Gaming-Single-Mosaic-253x418_659e77c5bc58c.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e45413e7f1ca7bfb6d048fb2c633e74129b992e69165f57724b9aee91c34bae3
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:05 GMT
server
akamai-grn
0.96a02417.1706528137.69549024
mpulse_cdn_cache
MISS
etag
"4a8ae9cb343da1:0"
content-type
image/png
cache-control
max-age=31012585
mpulse_origin_time
97
server-timing
ak_p; desc="1706528137600_388276374_1767149604_229_10053_39_0_146";dur=1
accept-ranges
bytes
content-length
48436
expires
Wed, 22 Jan 2025 10:12:02 GMT
23C3-FR-Generic-Wave1-Store-Banners-Mosaic-v2-253x418-MASTER_650d8d325bfbc.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
44 KB
44 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/23C3-FR-Generic-Wave1-Store-Banners-Mosaic-v2-253x418-MASTER_650d8d325bfbc.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
47df16d5899177779bb1334927e34d5c7e70baaa7b67aa1bdb594e88fd927586
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Fri, 22 Sep 2023 12:48:50 GMT
server
akamai-grn
0.96a02417.1706528137.69549025
mpulse_cdn_cache
MISS
etag
"62bca12253edd91:0"
content-type
image/png
cache-control
max-age=31012536
mpulse_origin_time
97
server-timing
ak_p; desc="1706528137598_388276374_1767149605_33_12187_39_0_146";dur=1
accept-ranges
bytes
content-length
44919
expires
Wed, 22 Jan 2025 10:11:13 GMT
24C1-FR-Winter-Sale-Commercial-SB-NTB-EliteBookx360-1040-14-Spyker-Single-Mosaic-253x418_659e77c525706.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
41 KB
42 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Commercial-SB-NTB-EliteBookx360-1040-14-Spyker-Single-Mosaic-253x418_659e77c525706.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2de09ee2e42e35be1d489823ca2b442906319a2bfa9c2927bae84f4b7065389e
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:05 GMT
server
akamai-grn
0.96a02417.1706528137.69549026
mpulse_cdn_cache
MISS
etag
"f9a0af9bb343da1:0"
content-type
image/png
cache-control
max-age=31012483
mpulse_origin_time
98
server-timing
ak_p; desc="1706528137598_388276374_1767149606_35_12129_39_0_146";dur=1
accept-ranges
bytes
content-length
42416
expires
Wed, 22 Jan 2025 10:10:20 GMT
24C1-FR-Winter-Sale-Commercial-SB-DTP-AiO-EliteOne-870-27-G9-Splendor-Single-Mosaic-253x418_659e77c42efd8.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
50 KB
51 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Commercial-SB-DTP-AiO-EliteOne-870-27-G9-Splendor-Single-Mosaic-253x418_659e77c42efd8.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7a08b2f76eb569eb3857b5c099dfda1de4d8bbedc0c1222311bccb0e2078c939
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:04 GMT
server
akamai-grn
0.96a02417.1706528137.69549027
etag
"dc871c9bb343da1:0"
content-type
image/png
cache-control
max-age=31012578
server-timing
ak_p; desc="1706528137606_388276374_1767149607_689_14457_39_0_146";dur=1
accept-ranges
bytes
content-length
51314
expires
Wed, 22 Jan 2025 10:11:55 GMT
24C1-FR-Winter-Sale-Commercial-SB-NTB-ZBookFury-16-G10-Varcolac-Single-Mosaic-253x418_659e77c5706f8.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
58 KB
58 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Commercial-SB-NTB-ZBookFury-16-G10-Varcolac-Single-Mosaic-253x418_659e77c5706f8.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
61223f88ea413a6206c06b7189d83809b0fb37a77a3e1e979d1d97f130a3ac13
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:05 GMT
server
akamai-grn
0.96a02417.1706528137.69549028
etag
"7ceede9bb343da1:0"
content-type
image/png
cache-control
max-age=31012455
server-timing
ak_p; desc="1706528137611_388276374_1767149608_1049_11306_37_0_146";dur=1
accept-ranges
bytes
content-length
59466
expires
Wed, 22 Jan 2025 10:09:52 GMT
24C1-FR-Winter-Sale-Commercial-SB-DTP-Z4-G4-Forests-Single-Mosaic-253x418_659e77c47fe78.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
37 KB
37 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Commercial-SB-DTP-Z4-G4-Forests-Single-Mosaic-253x418_659e77c47fe78.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1828021a69dcaa7ba424251b9627a9af8515e7dc061ca31a387636db1f075f27
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:04 GMT
server
akamai-grn
0.96a02417.1706528137.69549029
mpulse_cdn_cache
HIT
etag
"f6304f9bb343da1:0"
content-type
image/png
cache-control
max-age=31012506
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137598_388276374_1767149609_44_12182_39_0_146";dur=1
accept-ranges
bytes
content-length
37509
expires
Wed, 22 Jan 2025 10:10:43 GMT
24C1-FR-Winter-Sale-Commercial-SB-ACC-Mix-Keyboard-Webcam-TopLoad-Single-Mosaic-253x418_659c1cb5dd8d2.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
24 KB
24 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Commercial-SB-ACC-Mix-Keyboard-Webcam-TopLoad-Single-Mosaic-253x418_659c1cb5dd8d2.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e9acc785bf7e9b8764f674dfb24f5c40594a53aebcfc560b51fe1bf8280cb655
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Mon, 08 Jan 2024 16:03:01 GMT
server
akamai-grn
0.96a02417.1706528137.6954902a
mpulse_cdn_cache
MISS
etag
"1f3b18284c42da1:0"
content-type
image/png
cache-control
max-age=31023017
mpulse_origin_time
105
server-timing
ak_p; desc="1706528137598_388276374_1767149610_41_13362_39_0_146";dur=1
accept-ranges
bytes
content-length
24590
expires
Wed, 22 Jan 2025 13:05:54 GMT
24C1-FR-Winter-Sale-Commercial-SB-MTO-U32-Gandalf-Single-Mosaic-253x418_659e77c4cd3f4.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
44 KB
44 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Commercial-SB-MTO-U32-Gandalf-Single-Mosaic-253x418_659e77c4cd3f4.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f441ed948637969a1ba0a1b6fbda51af23b5fdffc6ca6dee426d454c99581698
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 10:56:04 GMT
server
akamai-grn
0.96a02417.1706528137.6954902b
etag
"5e53809bb343da1:0"
content-type
image/png
cache-control
max-age=31012510
server-timing
ak_p; desc="1706528137598_388276374_1767149611_73_11667_39_0_146";dur=1
accept-ranges
bytes
content-length
44973
expires
Wed, 22 Jan 2025 10:10:47 GMT
24C1-FR-Winter-Sale-Commercial-SB-PRN-OfficeJetPro-9022-Single-Mosaic-253x418_659e7bff28f18.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
16 KB
16 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/24C1-FR-Winter-Sale-Commercial-SB-PRN-OfficeJetPro-9022-Single-Mosaic-253x418_659e7bff28f18.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41023cd20c8d354cc436f11aaac789e30a623305af612ef8d0adf365592dd671
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 11:14:07 GMT
server
akamai-grn
0.96a02417.1706528137.6954902c
mpulse_cdn_cache
HIT
etag
"1229f20b643da1:0"
content-type
image/png
cache-control
max-age=31012527
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137600_388276374_1767149612_185_10550_39_0_146";dur=1
accept-ranges
bytes
content-length
16163
expires
Wed, 22 Jan 2025 10:11:04 GMT
23C3-FR-Spectre-Edna-Store-Banners-Mosaic-253x418_6526670d4d78c.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
39 KB
40 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/23C3-FR-Spectre-Edna-Store-Banners-Mosaic-253x418_6526670d4d78c.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c9d6181eb4c3d135d54ec93522e2afc290c65b172f2426358ffcfb19020dd6f
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2023 09:12:45 GMT
server
akamai-grn
0.96a02417.1706528137.6954902d
mpulse_cdn_cache
HIT
etag
"c3bb21823fcd91:0"
content-type
image/png
cache-control
max-age=31025207
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137611_388276374_1767149613_1056_11232_37_0_146";dur=1
accept-ranges
bytes
content-length
40080
expires
Wed, 22 Jan 2025 13:42:24 GMT
FormaDJRMicro-Regular.woff2
www.hp.com/fr-fr/shop/stylesheets/fonts/FormaDJR/ Frame C312
38 KB
39 KB
Font
General
Full URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/FormaDJR/FormaDJRMicro-Regular.woff2
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20240125095016
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
70a113ca852597a7a4abaa67ab33fc17d2d2fee947201623481719ca92b23e3f
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20240125095016
Origin
https://www.hp.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 02:25:34 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc3
etag
"0a3f260b3fcd91:0"
content-type
application/font-woff2
server-timing
ak_p; desc="1706528137579_388276374_1767149507_19880_11195_38_0_255";dur=1
accept-ranges
bytes
content-length
39360
FormaDJRMicro-Bold.woff2
www.hp.com/fr-fr/shop/stylesheets/fonts/FormaDJR/ Frame C312
37 KB
37 KB
Font
General
Full URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/FormaDJR/FormaDJRMicro-Bold.woff2
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20240125095016
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
665ef317954f751907de55c03c7ff012bfa25c7617dd61d542edf7aa1e995053
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20240125095016
Origin
https://www.hp.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 02:25:34 GMT
server
akamai-grn
0.96a02417.1706528137.69548fc4
etag
"0a3f260b3fcd91:0"
content-type
application/font-woff2
server-timing
ak_p; desc="1706528137593_388276374_1767149508_25205_17238_32_0_255";dur=1
accept-ranges
bytes
content-length
37804
jquery.plugins.min.js
www.hp.com/fr-fr/shop/Html/headermenus/js/libs/ Frame C312
101 KB
29 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/Html/headermenus/js/libs/jquery.plugins.min.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63ae5d14ceffc2560197362022f839b1c6418420cf035f90efa1d58fdaaf6911
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Sat, 14 Sep 2019 04:07:21 GMT
server
akamai-grn
0.96a02417.1706528137.6954902e
etag
"8a1f20e8b16ad51:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254327
server-timing
ak_p; desc="1706528137611_388276374_1767149614_1036_11354_37_0_146";dur=1
accept-ranges
bytes
content-length
29255
expires
Thu, 01 Feb 2024 10:14:24 GMT
app.page.all.js
www.hp.com/fr-fr/shop/Html/headermenus/js/ Frame C312
133 KB
41 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/Html/headermenus/js/app.page.all.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c41175ddbba421a4203d9401dd8b6deaf861fe8a94de6119c184245e5644abb1
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
akamai-grn
0.96a02417.1706528137.6954902f
mpulse_origin_time
0
server-timing
ak_p; desc="1706528137598_388276374_1767149615_57_12103_39_0_146";dur=1
content-length
41053
last-modified
Thu, 18 Jan 2024 12:47:57 GMT
server
mpulse_cdn_cache
HIT
etag
"14cb2390c4ada1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254457
accept-ranges
bytes
expires
Thu, 01 Feb 2024 10:16:34 GMT
app.page.home.js
www.hp.com/fr-fr/shop/Html/headermenus/js/ Frame C312
13 KB
5 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/Html/headermenus/js/app.page.home.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4df40eb5ea4d60ae2f272fe1901f74111ad3b37be2e16320533006fa39934e36
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Wed, 24 Aug 2022 11:44:53 GMT
server
akamai-grn
0.96a02417.1706528137.69549030
etag
"8a26d7ecaeb7d81:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254535
server-timing
ak_p; desc="1706528137598_388276374_1767149616_52_11961_39_0_146";dur=1
accept-ranges
bytes
content-length
4926
expires
Thu, 01 Feb 2024 10:17:52 GMT
MbYD4vfCs
www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/ Frame C312
18 B
1 KB
XHR
General
Full URL
https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Requested by
Host: www.hp.com
URL: https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
akamai-grn
0.96a02417.1706528137.6954911a
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.hp.com
access-control-allow-credentials
true
server-timing
ak_p; desc="1706528137646_388276374_1767149850_5453_7809_32_0_219";dur=1
access-control-allow-headers
Content-Type
content-length
18
FY23-LAPTOPS-Laptops-Spectre-Dashiell-Intel-Single-Mosaic-253x418--_644b9c5db1ca4.png
www.hp.com/fr-fr/shop/Html/Merch/Banners/ Frame C312
46 KB
47 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/Html/Merch/Banners/FY23-LAPTOPS-Laptops-Spectre-Dashiell-Intel-Single-Mosaic-253x418--_644b9c5db1ca4.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6461b3dc9fe530e158f951cc9cebe8d0bcdee07bf7ccb17bd3e1eb68d5fe2bf4
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 10:13:49 GMT
server
akamai-grn
0.96a02417.1706528137.6954915a
etag
"548b4820ba79d91:0"
content-type
image/png
cache-control
max-age=31012504
server-timing
ak_p; desc="1706528137658_388276374_1767149914_50_12606_31_0_146";dur=1
accept-ranges
bytes
content-length
47434
expires
Wed, 22 Jan 2025 10:10:41 GMT
Contacts-Icon-Black-Desktop.png
www.hp.com/fr-fr/shop/html/headermenus/images/sm15/homepage/ Frame C312
3 KB
4 KB
Image
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/images/sm15/homepage/Contacts-Icon-Black-Desktop.png
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/html/headermenus/css/homepage.css?merchSv=20240125095016
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2ea70ee1b798710f887aefe1bc8f178f3aee1c99f81a6b2910599a45c8fd9f95
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/html/headermenus/css/homepage.css?merchSv=20240125095016
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Wed, 24 Aug 2022 11:46:18 GMT
server
akamai-grn
0.96a02417.1706528137.6954915c
etag
"3a976e1fafb7d81:0"
content-type
image/png
cache-control
max-age=81141
server-timing
ak_p; desc="1706528137658_388276374_1767149916_56_12676_31_0_146";dur=1
accept-ranges
bytes
content-length
3353
expires
Tue, 30 Jan 2024 10:07:58 GMT
FormaDJRMicro-Light.woff2
www.hp.com/fr-fr/shop/stylesheets/fonts/FormaDJR/ Frame C312
39 KB
40 KB
Font
General
Full URL
https://www.hp.com/fr-fr/shop/stylesheets/fonts/FormaDJR/FormaDJRMicro-Light.woff2
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20240125095016
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
56d7ed4de9b9f5aeda1987f4d806b81317c2959ef70c7d20c2599576c9177f71
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hp.com/fr-fr/shop/html/headermenus/css/sm15-global.css?ver=20240125095016
Origin
https://www.hp.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 02:25:34 GMT
server
akamai-grn
0.96a02417.1706528137.695491b5
etag
"0a3f260b3fcd91:0"
content-type
application/font-woff2
server-timing
ak_p; desc="1706528137676_388276374_1767150005_19597_14465_33_0_255";dur=1
accept-ranges
bytes
content-length
40172
mu.js
www.hp.com/cma/ng/lib/exceptions/ Frame C312
89 KB
36 KB
Script
General
Full URL
https://www.hp.com/cma/ng/lib/exceptions/mu.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/cma/ng/lib/exceptions/privacy-banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
49b217e1a416ae8d6cf238dbf0cb9f8bd0bba25fffbb72a68948aa7267079da1
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
server
Apache
akamai-grn
0.96a02417.1706528137.695491b6
etag
"6090829dcf9c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=7200
server-timing
ak_p; desc="1706528137675_388276374_1767150006_168_13984_31_0_146";dur=1
accept-ranges
bytes
content-length
36320
expires
Mon, 29 Jan 2024 13:35:37 GMT
1
api-marketing.milibris.com/stats/a9938bad-d837-4717-b0fe-8835a6a4a51c/page/05062506-9717-4396-b66a-19d63c417f0b/ Frame 690D
0
300 B
XHR
General
Full URL
https://api-marketing.milibris.com/stats/a9938bad-d837-4717-b0fe-8835a6a4a51c/page/05062506-9717-4396-b66a-19d63c417f0b/1
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/js/jquery-2.1.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Referer
https://campaigns.milibris.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
0001.1adbfbb3-3143-4782-acb4-0988d17d0b1e.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
199 KB
200 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0001.1adbfbb3-3143-4782-acb4-0988d17d0b1e.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
0e0ac2f0cd6df430181b3abab672c7442bb1b06d8f54e52c4d6e3eb475ef68af
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:36 GMT
Server
nginx
X-cdnca01A
36; 254613.742; 7200.000
Age
9040
ETag
"8ff894f77293dd72c746ce4163fbb6ab"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513945.714; 7200.000
Accept-Ranges
bytes
Content-Length
204098
tile00x00.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/ Frame 690D
151 KB
151 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/tile00x00.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
2d6a7968c424710f382fcd2a49e839277171b30177de8c8e2a19e740d36ef246
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:01 GMT
Server
nginx
X-cdnca01A
35; 253688.948; 7200.000
Age
9040
ETag
"2a47096ed12f084c6dd4b17f7c2a4888"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514870.508; 7200.000
Accept-Ranges
bytes
Content-Length
154418
tile00x01.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/ Frame 690D
136 KB
136 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/tile00x01.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
01618bd4253be3d3e6c0b5ee0780d67357b02ed57454b6bb8d9ae05be90e0118
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:01 GMT
Server
nginx
X-cdnca01A
34; 254613.734; 7200.000
Age
9040
ETag
"b737b4c9a600747c9d9b0c55041c78d5"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513945.697; 7200.000
Accept-Ranges
bytes
Content-Length
139276
tile00x02.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/ Frame 690D
4 KB
4 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/tile00x02.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
f633b0443241e5d97fae3ec8efa46acf8cc2d7472731f6ce1817fbe81c0d39f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
35; 254613.581; 7200.000
Age
9040
ETag
"1935ae6105eeea8c4f15675af5d1cb7d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513945.653; 7200.000
Accept-Ranges
bytes
Content-Length
3826
tile01x00.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/ Frame 690D
81 KB
81 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/tile01x00.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
e958674123520c0c48fdcb99831818e694ae25bda4e6479a8600f3756bfd19d6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
35; 254613.581; 7200.000
Age
9040
ETag
"09ee1733a08f54e58dccc38551cca8f1"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513945.672; 7200.000
Accept-Ranges
bytes
Content-Length
82731
tile01x01.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/ Frame 690D
61 KB
61 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/tile01x01.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
c2cb613dc7654d3f357674ce1a09abdeaf39f4365820fdbad4ca4bc2c3a41edd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:01 GMT
Server
nginx
X-cdnca01A
35; 254613.987; 7200.000
Age
9041
ETag
"1f5c65d6aa1448fa0bc95da7c64797c1"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513945.174; 7200.000
Accept-Ranges
bytes
Content-Length
62213
tile01x02.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/ Frame 690D
2 KB
2 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0001.44a4f636-a674-4360-93c6-5e20d625f5e9/tile01x02.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
aac08e0082132377677adaf138caf0bb9c1014086ac41733bb67f3116bae2364
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
34; 254614.671; 7200.000
Age
9040
ETag
"179e4d5661369ff6e8da98c2267924aa"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.827; 7200.000
Accept-Ranges
bytes
Content-Length
2091
0002.2684de33-e6ca-4628-86d4-6d7d4e40f19f.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
169 KB
169 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0002.2684de33-e6ca-4628-86d4-6d7d4e40f19f.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
e78f6df8830ffdca0ac6216c162184ad906f109049923744b727cc5d76510302
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:36 GMT
Server
nginx
X-cdnca01A
34; 254614.519; 7200.000
Age
9040
ETag
"f0af9776c4b54696a3aabc8933146160"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.742; 7200.000
Accept-Ranges
bytes
Content-Length
172798
tile00x00.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/ Frame 690D
142 KB
143 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/tile00x00.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
0a79c3fdb375a4ac5bfc07e870b44ced5770cad0afc04ce08f3c76bcc1bd24e1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
34; 254614.468; 7200.000
Age
9041
ETag
"f321c5966f84b35f78bb926f11688f7f"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.642; 7200.000
Accept-Ranges
bytes
Content-Length
145763
tile00x01.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/ Frame 690D
210 KB
210 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/tile00x01.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
8f5680c3e7647640b6ed02de01e6d2c77799917a0db757f670c60a372b7b4369
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
34; 254614.659; 7200.000
Age
9040
ETag
"56c5111802ab93bfd51b40b5a0962a05"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.513; 7200.000
Accept-Ranges
bytes
Content-Length
214928
tile00x02.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/ Frame 690D
10 KB
10 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/tile00x02.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
3cab4848dfb1248b123a2c758eaa4d1b9352ddc4c4e82cfafcc4743dbca45ebc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
34; 254614.600; 7200.000
Age
9041
ETag
"53a8be42a09f49ec18fad49ca8655b24"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.483; 7200.000
Accept-Ranges
bytes
Content-Length
10148
tile01x00.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/ Frame 690D
58 KB
59 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/tile01x00.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
1a195c6ea9e94c5ab1e402e06e560eeba42037b022e2163ad9ad1b9d654122ee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
36; 253689.041; 7200.000
Age
9041
ETag
"2fe2c63af30837282055b65c480a3dc2"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514870.028; 7200.000
Accept-Ranges
bytes
Content-Length
59626
tile01x01.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/ Frame 690D
79 KB
80 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/tile01x01.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
9c3f3160ec59a364a8c57f757bf7b1121fedb74ecf6ce743790adb7f30784a95
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
34; 254614.744; 7200.000
Age
9041
ETag
"dbcfc2c0e6d59bc61dfc461c20f0f84e"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.361; 7200.000
Accept-Ranges
bytes
Content-Length
81264
tile01x02.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/ Frame 690D
4 KB
5 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0002.f0bbe1a8-b930-4551-b8cf-9ab62f7372c5/tile01x02.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
7994fb3797d9a08ebef8afb97e37771fef5829a56bc4d461e2c087bfdfd866de
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
34; 254614.990; 7200.000
Age
9041
ETag
"47df3ec087ae49b46174e049e4283629"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.054; 7200.000
Accept-Ranges
bytes
Content-Length
4536
0003.3f25d0dc-40ae-4250-b7f9-202f93ea97e5.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
179 KB
179 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0003.3f25d0dc-40ae-4250-b7f9-202f93ea97e5.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
dd451b46bc91427c1c1c1f2d4fdf72a71d302e0d77d4e0dade4ce00c0368d89b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
34; 254614.998; 7200.000
Age
9041
ETag
"fa05f42cb489fa3797f56d92d9facb47"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513944.054; 7200.000
Accept-Ranges
bytes
Content-Length
182847
tile00x00.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/ Frame 690D
117 KB
117 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/tile00x00.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
a1be00ce5106c2dbd00535547ed4bccd759a94dd65a4cb6f266b8745df18f07b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
36; 253689.122; 7200.000
Age
9041
ETag
"1f163f0a955d9ea890b3290679809f95"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514869.896; 7200.000
Accept-Ranges
bytes
Content-Length
119426
tile00x01.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/ Frame 690D
123 KB
124 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/tile00x01.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
cef01656a78526a479dcd2182f25352b44ebc5abe039f608ac3210a949a4fc74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
35; 254615.213; 7200.000
Age
9041
ETag
"1f8172fc24f67131e3966b866cd4a2aa"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.805; 7200.000
Accept-Ranges
bytes
Content-Length
126346
tile00x02.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/ Frame 690D
894 B
1 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/tile00x02.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
1354d919694f2229f1055aec5fe92102c59d7aed474b60a13de761780b38b45a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:03 GMT
Server
nginx
X-cdnca01A
34; 254615.259; 7200.000
Age
9041
ETag
"d92d2fc978b2181e8fc0cd88d78daec6"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.736; 7200.000
Accept-Ranges
bytes
Content-Length
894
tile01x00.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/ Frame 690D
72 KB
72 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/tile01x00.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
ad7583d5e709e244ef97e04b92b213b05b2f4fdbea178d4c10fdadd9efc4dbae
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:03 GMT
Server
nginx
X-cdnca01A
35; 254615.335; 7200.000
Age
9041
ETag
"cf6650f7cfbac09ba3fffbe2253af5ac"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.677; 7200.000
Accept-Ranges
bytes
Content-Length
73757
tile01x01.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/ Frame 690D
97 KB
98 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/tile01x01.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
5a848bf717de0d02fb36feaa8aaf23866f2ca1f53c02136e6bc369c3567a70c9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:02 GMT
Server
nginx
X-cdnca01A
34; 254615.418; 7200.000
Age
9041
ETag
"a844bca80224556ff71a692b14837954"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.611; 7200.000
Accept-Ranges
bytes
Content-Length
99784
tile01x02.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/ Frame 690D
2 KB
2 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tileset/0003.457e2927-bf74-4a11-aee9-6980e9336657/tile01x02.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
66e4b46c95d714df8cb550a86d1fdfc4c1e462e422d806aa1249a8b5e1809cc0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:03 GMT
Server
nginx
X-cdnca01A
34; 253689.201; 7200.000
Age
9041
ETag
"ecda98be21b038629207f9db1c412180"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514869.725; 7200.000
Accept-Ranges
bytes
Content-Length
2024
0004.b846b78b-6915-472e-a646-5166d04745b6.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
190 KB
191 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0004.b846b78b-6915-472e-a646-5166d04745b6.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
c0f4ee83035b0aae01cb3e29056f63469dd07bc0eb852410f83365b911346ee3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
33; 254615.591; 7200.000
Age
9041
ETag
"6cbb7fa9c2d62a691ec06930f6827454"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.374; 7200.000
Accept-Ranges
bytes
Content-Length
194766
0005.07acf179-e7f7-4dad-a3dd-7e9976b8dc78.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
125 KB
126 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0005.07acf179-e7f7-4dad-a3dd-7e9976b8dc78.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
0ea7335c735c7b0e088eea04b08065609a7d2a88e0ce8e8d5c64894bcf9cf9cc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
36; 254615.566; 7200.000
Age
9041
ETag
"5ecccdb66f9aa968d4385dc54c1374e8"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.366; 7200.000
Accept-Ranges
bytes
Content-Length
128138
0006.ddadea83-289a-4de0-89d0-1df79d4e66db.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
166 KB
167 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0006.ddadea83-289a-4de0-89d0-1df79d4e66db.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
26f73441fd9402414df9acd76ccca71eca14931fd75153e50c32ce3a1f4cb466
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
36; 254615.576; 7200.000
Age
9041
ETag
"8b86824371c3fbb42002550a467e2c63"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.353; 7200.000
Accept-Ranges
bytes
Content-Length
170162
0007.d70109dc-0e4f-4a75-9dff-782eb31ab17a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
171 KB
171 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0007.d70109dc-0e4f-4a75-9dff-782eb31ab17a.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
d78bfbcd19d1a0941c706950f5f6e7dc336456a28bb4a7d851c16b00073ca065
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
34; 254615.843; 7200.000
Age
9041
ETag
"273183e5b5e09cfd952b210cbe1f7271"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.107; 7200.000
Accept-Ranges
bytes
Content-Length
175061
0008.d26ff05d-95ff-4338-a275-210591940831.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
165 KB
165 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0008.d26ff05d-95ff-4338-a275-210591940831.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
2e20dcd94506cc566113c0c31511dfcaf6240fe5ae562a98374fa841aa4545cb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
35; 253689.346; 7200.000
Age
9041
ETag
"e62bd2c1698257ea9ea0876d93c3e1ad"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514869.636; 7200.000
Accept-Ranges
bytes
Content-Length
168518
0009.1e6713bc-f7b7-46e4-ac69-fc49dddad90e.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
181 KB
181 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0009.1e6713bc-f7b7-46e4-ac69-fc49dddad90e.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
62e277aef05362bf78e2cf28f1304d504f018a89420b796e21a7d4791d8e8af5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
33; 254615.867; 7200.000
Age
9041
ETag
"8098683055e9c9e9fd1efd0eda8a0320"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513943.042; 7200.000
Accept-Ranges
bytes
Content-Length
185058
0010.b51f78ae-817c-497d-b4ae-919c1592d585.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
167 KB
167 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0010.b51f78ae-817c-497d-b4ae-919c1592d585.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
93165aace1056597b5345254f74f3dfb2dc49c69ea49a3e0683a33649de592cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
34; 254616.137; 7200.000
Age
9041
ETag
"1b4664876dd6774355aca6ff35c0e982"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.740; 7200.000
Accept-Ranges
bytes
Content-Length
170863
0011.dfbe1774-9a51-4bff-9aed-1630183f3ab2.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
155 KB
155 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0011.dfbe1774-9a51-4bff-9aed-1630183f3ab2.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
a43efe885ce55d0a50fae05e794eeb0b7dbd0599d52ddf835da15f2c6755ea8b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
35; 254616.243; 7200.000
Age
9041
ETag
"a35aa333605cbac9c958ebca3f39a8f0"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.659; 7200.000
Accept-Ranges
bytes
Content-Length
158643
0012.3b9fc6b2-f2cf-41cd-96a1-34892e9f2dfb.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
144 KB
145 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0012.3b9fc6b2-f2cf-41cd-96a1-34892e9f2dfb.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
62a3160051eeb5c2387769d8d99a3c8cee9657201a3ff350f847a7e0dd854d97
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
35; 254616.245; 7200.000
Age
9041
ETag
"6451676b062723e4423ec1829324d461"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.618; 7200.000
Accept-Ranges
bytes
Content-Length
147543
0013.7904dcbd-48d0-4fe0-967e-789968c37cf7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
187 KB
188 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0013.7904dcbd-48d0-4fe0-967e-789968c37cf7.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
8e20ea5f9720a9e80aada260e88b9c4ae1e309dd59f37efd3a79fb3745b7812d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:37 GMT
Server
nginx
X-cdnca01A
34; 254616.276; 7200.000
Age
9041
ETag
"d90df3f23a7fe219ceaee73d1f2e59c3"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.613; 7200.000
Accept-Ranges
bytes
Content-Length
191777
0014.9f4d7dc5-da0f-48a9-999e-ba56d515f8d7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
177 KB
177 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0014.9f4d7dc5-da0f-48a9-999e-ba56d515f8d7.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
d035daf22a123ca8722e69b9feeda5ca16fa1959b0d66e5021e006b450cb8ecc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
34; 254616.240; 7200.000
Age
9041
ETag
"ef94ebfb28ca3f6711b96f20d72df023"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.635; 7200.000
Accept-Ranges
bytes
Content-Length
181018
0015.85102778-7140-4f8b-bc59-a4bd1d549ad6.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
210 KB
211 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0015.85102778-7140-4f8b-bc59-a4bd1d549ad6.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
9564a625f9fa72d08033f6e96cbae5a8177c87bfbe5bf08f419b7fa1baa72056
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
34; 253689.506; 7200.000
Age
9041
ETag
"f82c82f53ef545f80ed5c04184a3dd7b"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514869.320; 7200.000
Accept-Ranges
bytes
Content-Length
215139
0016.3800f2c9-594b-4c70-8c9a-ff4c8f7dbc41.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
178 KB
178 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0016.3800f2c9-594b-4c70-8c9a-ff4c8f7dbc41.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
6dfc010eb843409845241f4c85d10785329a96372ab01ff75df1ea6e171af65f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
34; 254616.548; 7200.000
Age
9041
ETag
"e30ee2a62c4bfd870c8d63197f9d05c7"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.331; 7200.000
Accept-Ranges
bytes
Content-Length
181890
0017.6b308c64-8c9d-41f8-96f5-e7a80a73f0b2.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
212 KB
212 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0017.6b308c64-8c9d-41f8-96f5-e7a80a73f0b2.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
32a39e1cf12f5dfbaa8b22ce4c1ae1b1cc6e944427904c30f353b260c9946710
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
34; 254616.665; 7200.000
Age
9041
ETag
"d812127a80992196eeb3237edbf93a84"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.167; 7200.000
Accept-Ranges
bytes
Content-Length
216730
0018.ce20b61b-6432-40a6-a2b2-997f14a3c977.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
180 KB
180 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0018.ce20b61b-6432-40a6-a2b2-997f14a3c977.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
e13dd1d0f4364a034eb014fb2d644820962e105cca10d178a48dd61fe6eb9872
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
34; 254616.756; 7200.000
Age
9041
ETag
"caf7ee20cb2768204b62b18cbf4be60d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513942.107; 7200.000
Accept-Ranges
bytes
Content-Length
183906
0019.16231eab-4e28-414d-95ae-daf557ef0248.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
128 KB
129 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0019.16231eab-4e28-414d-95ae-daf557ef0248.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
4ed2ace6532520a4ab797b8abd983ec368a6613efd24f133f41661ff25477d16
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
32; 254616.867; 7200.000
Age
9041
ETag
"c1edde08b8834449935fcc838c03eaeb"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513941.972; 7200.000
Accept-Ranges
bytes
Content-Length
131465
0020.2b462491-e1b3-494e-b0ae-2a1e8d3be3a4.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
200 KB
200 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0020.2b462491-e1b3-494e-b0ae-2a1e8d3be3a4.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
a9797bb0d5738127a891423840c42b00e12d13af64f088f6a4c619f6358c017f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
31; 254616.828; 7200.000
Age
9041
ETag
"91f37bdc42fa62fb311c34970bb512d0"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513941.948; 7200.000
Accept-Ranges
bytes
Content-Length
204600
0021.641819af-4292-4d62-989f-05ed4cc8eff5.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
183 KB
184 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0021.641819af-4292-4d62-989f-05ed4cc8eff5.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
9cc501506a01eaddcd06d98c058453930afdf2190744cc38b3289fd8e7320b35
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
31; 254616.846; 7200.000
Age
9041
ETag
"1cdb40150e044412a468ae1defda5dda"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513941.925; 7200.000
Accept-Ranges
bytes
Content-Length
187897
0022.a77b9c2a-474c-499b-8922-23bd2f69ca06.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
200 KB
200 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0022.a77b9c2a-474c-499b-8922-23bd2f69ca06.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
70ef650c159e57f15f2520e87c47bd035b62a0b31f1d137f4d17ed2012f34970
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
31; 254616.962; 7200.000
Age
9041
ETag
"e34f28140e7d58da4cf840fa4e858494"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513941.842; 7200.000
Accept-Ranges
bytes
Content-Length
204716
0023.9edc786d-576a-4848-bb99-455ad8893847.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
175 KB
175 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0023.9edc786d-576a-4848-bb99-455ad8893847.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
025438bdf59d78a9fc2add3342ca592c85531f6524f018f4b7cc54f1d0f9f400
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:38 GMT
Server
nginx
X-cdnca01A
31; 254617.187; 7200.000
Age
9041
ETag
"7f7f637131feb4f6b6f80a76349883af"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513941.647; 7200.000
Accept-Ranges
bytes
Content-Length
178718
0024.c66dc8a7-3edf-43a9-8770-9c8b04c592a7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
182 KB
182 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0024.c66dc8a7-3edf-43a9-8770-9c8b04c592a7.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
9c9087725aa398daafc233c4914a35cbeac197ee37a8fc307db8b4352e8679f1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
30; 254617.284; 7200.000
Age
9041
ETag
"f2d4643f40397967361e7c6336fcb331"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513941.506; 7200.000
Accept-Ranges
bytes
Content-Length
186330
0025.488457f0-4dba-490e-b9a1-9c7f5772ffab.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
182 KB
182 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0025.488457f0-4dba-490e-b9a1-9c7f5772ffab.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
8d278a18ac485ef4d26e0eee4b019e5195992768585aa7faa77878d2c4f569d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
29; 253689.681; 7200.000
Age
9041
ETag
"c5ce5d2dd91433beaa498b29d6f0d40d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514869.104; 7200.000
Accept-Ranges
bytes
Content-Length
186102
0026.332dcb46-174f-408f-902b-a8d4e65814e7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
165 KB
165 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0026.332dcb46-174f-408f-902b-a8d4e65814e7.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
bacbc23a0ae5beab4436552edcfb7f88dc5deddedf701d646392116f6ea2034b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
28; 254617.258; 7200.000
Age
9042
ETag
"68d4b6ec5a6028059b44c318ce37910a"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513941.464; 7200.000
Accept-Ranges
bytes
Content-Length
168810
0027.63681814-8980-4eda-ba95-3534fc0d3287.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
195 KB
196 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0027.63681814-8980-4eda-ba95-3534fc0d3287.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
81ed2b079018e722b7ddd489c3c365ae505f53f78b8aaafffd94fa91d3b987cd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
27; 254714.235; 7200.000
Age
9041
ETag
"57b316b6ea192bfae8c1ae1c5b358993"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513844.537; 7200.000
Accept-Ranges
bytes
Content-Length
200003
0028.68e720eb-6f82-4012-84b8-e31722565e43.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
158 KB
158 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0028.68e720eb-6f82-4012-84b8-e31722565e43.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
f429b1a18a7e1a4cc03e8d7151e58e25f0226fb7ebaac2676d8d9373e48c9039
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
30; 254714.704; 7200.000
Age
9041
ETag
"2029565b42387eed0c8056395a142d9d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513844.075; 7200.000
Accept-Ranges
bytes
Content-Length
161657
0029.52fadb23-3d7d-401b-b79d-06659673d51d.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
193 KB
194 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0029.52fadb23-3d7d-401b-b79d-06659673d51d.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
2457c6fbcb1c05405e74e35a9a106936c2269310edbf81951d19c0ff061e725f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
27; 254714.854; 7200.000
Age
9041
ETag
"90e2001d3d8ef81e49c639b451e193ff"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513843.917; 7200.000
Accept-Ranges
bytes
Content-Length
197703
0030.db147bd6-4555-4e4f-91ed-5bbbc39013d8.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
204 KB
205 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0030.db147bd6-4555-4e4f-91ed-5bbbc39013d8.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
eb070ffe2c058cb1fa3dfc8e1eaf207de033b9bc97b7d936eeb86bfd5a5c60c7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
27; 254715.012; 7200.000
Age
9041
ETag
"0caa43c2eeceef8bd4c576da84e5c935"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513843.763; 7200.000
Accept-Ranges
bytes
Content-Length
209086
0031.f61fbfc0-4c71-4c04-87f7-081a79acc6ba.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
182 KB
183 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0031.f61fbfc0-4c71-4c04-87f7-081a79acc6ba.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
917aa980e560556778d5cc9566323f36b58f3424e6e0a865ce0bf80933e39bd6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:39 GMT
Server
nginx
X-cdnca01A
28; 254715.498; 7200.000
Age
9042
ETag
"3d248d8ea180f2cfb738ccf16690bb56"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513843.258; 7200.000
Accept-Ranges
bytes
Content-Length
186492
0032.73d1e544-030c-448a-9f8e-82b7f51838ce.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
173 KB
174 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0032.73d1e544-030c-448a-9f8e-82b7f51838ce.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
d8a603f562d7f4fc6b7e901fbab65d3878d68506b04fc6149feecfc96b1bd024
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:39 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
27; 253689.831; 7200.000
Age
9041
ETag
"a4ff447cf6c4c3b19ec78779104e109a"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514868.856; 7200.000
Accept-Ranges
bytes
Content-Length
177262
0033.4f4cd9e2-ab79-4d66-9293-477b239b507b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
207 KB
208 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0033.4f4cd9e2-ab79-4d66-9293-477b239b507b.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
acb16fe13deea088591a0041c3721b8e4dec91a7b54816313de7f6e23814d454
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
26; 254716.192; 7200.000
Age
9041
ETag
"a4d7044b2f1037cbfe5a9abc11eff73f"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513842.558; 7200.000
Accept-Ranges
bytes
Content-Length
212337
0034.28462af8-6a54-4f41-a75a-bef7e89e5759.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
220 KB
221 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0034.28462af8-6a54-4f41-a75a-bef7e89e5759.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
b9a79114a98fa0ab402c4ed864457eed17733f48f1bba40aac82d80d9f0ff752
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
28; 254716.374; 7200.000
Age
9042
ETag
"28387309fb5296b7f693b661e8f01510"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513842.386; 7200.000
Accept-Ranges
bytes
Content-Length
225374
0035.8bfe83ec-ca83-4b7e-b2b2-d5f0dbf91960.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
209 KB
209 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0035.8bfe83ec-ca83-4b7e-b2b2-d5f0dbf91960.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
5fcf725a1251cb6247ff7518591193a0bd1ccb54715956178182b8464dd323f4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
25; 254716.626; 7200.000
Age
9041
ETag
"d0e4deedab01675cd6c79a4b17ddf8bc"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513842.107; 7200.000
Accept-Ranges
bytes
Content-Length
214077
0036.b182db23-2a90-47e5-9b88-da335b022db7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
204 KB
204 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0036.b182db23-2a90-47e5-9b88-da335b022db7.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
fe0a1f84d77e7e1b965a47f878c40f968405a00e9c7fd2e4a979fe61cf15de3b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
27; 254716.993; 7200.000
Age
9041
ETag
"4c3b76a23706f15f426aaa443f87780f"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513841.733; 7200.000
Accept-Ranges
bytes
Content-Length
208446
0037.aeed3c3f-eb51-43cb-9fa4-92d618f1b9dc.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
210 KB
211 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0037.aeed3c3f-eb51-43cb-9fa4-92d618f1b9dc.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
b5ae1d95fa06016b422278b877198d5d3277b27c491d14c8557c4eb5d8bd2319
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
26; 254716.986; 7200.000
Age
9041
ETag
"230ea2e86da6f2ab549eda3205c24bc1"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513841.741; 7200.000
Accept-Ranges
bytes
Content-Length
215219
0038.9b819b2a-dbab-4ab2-a022-cb4f95149961.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
162 KB
162 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0038.9b819b2a-dbab-4ab2-a022-cb4f95149961.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
b8c33591d022950f84bc42d278bba901613d0658c419bbe5dd0af392b8dd2e0f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
26; 254717.476; 7200.000
Age
9042
ETag
"d5d97390b9c88695cec3babeeee8a11d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513841.186; 7200.000
Accept-Ranges
bytes
Content-Length
165486
0039.c91c2195-9985-4470-8ffa-4e5bb8106e14.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
226 KB
227 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0039.c91c2195-9985-4470-8ffa-4e5bb8106e14.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
de71d61b5404df2ee7e1d32f7c6ee1189ea60ea81025efa8e6b81ae72f394fd9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
25; 254717.496; 7200.000
Age
9042
ETag
"ab2732987cc2e18421f2fb635d22740d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513841.198; 7200.000
Accept-Ranges
bytes
Content-Length
231717
0040.18655ea7-1e09-4d91-ad9e-c1c047b4ab6b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
182 KB
183 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0040.18655ea7-1e09-4d91-ad9e-c1c047b4ab6b.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
e7fdc1d77879806a86eee62970a9b396f95533b609d7f5d94ab5a114fdbe3d45
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:40 GMT
Server
nginx
X-cdnca01A
27; 254717.748; 7200.000
Age
9041
ETag
"5752925e52d347fbb598ed2b91e03ed0"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513840.926; 7200.000
Accept-Ranges
bytes
Content-Length
186670
0041.4f1f52b3-51a4-4f2a-aa21-230548adf18a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
219 KB
219 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0041.4f1f52b3-51a4-4f2a-aa21-230548adf18a.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
361813deac3c28bfd607552f547f9db5756eba7bf416518557b3bdd12b1a134c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
28; 253690.026; 7200.000
Age
9041
ETag
"dfbe070b0fae57ece571f58453c97778"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514868.688; 7200.000
Accept-Ranges
bytes
Content-Length
224123
0042.422f6900-3055-4b2c-aca1-937b2fd92974.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
220 KB
220 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0042.422f6900-3055-4b2c-aca1-937b2fd92974.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
9a1a49cf92c764a0f9f2abfad4267dd4fbb91e80b27f59d07cfff5274ebcfa1d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
27; 254718.232; 7200.000
Age
9042
ETag
"1de7c9fdf1662e07e64cc6b7b8a25ce5"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513840.334; 7200.000
Accept-Ranges
bytes
Content-Length
225339
0043.b5ad093e-1453-4d5e-aae4-ff097ea73c6b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
126 KB
126 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0043.b5ad093e-1453-4d5e-aae4-ff097ea73c6b.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
e67eac755b563ed17146f7516fa06d8d64cbd517572b1df233664e73624084f8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
27; 254718.388; 7200.000
Age
9042
ETag
"f3e0c4567d192e6df935e041ccc75357"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513840.213; 7200.000
Accept-Ranges
bytes
Content-Length
128574
0044.5dd02aa9-ed8f-424a-bbd8-7ff00e7b6fc6.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
154 KB
154 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0044.5dd02aa9-ed8f-424a-bbd8-7ff00e7b6fc6.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
fa4eeef46c7543bdec8b7ba2bf5a5662f220a13aae696186c59246baa655f0b4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
26; 254718.376; 7200.000
Age
9042
ETag
"d2a2555e3b9105ccc0ba118be300b78e"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513840.254; 7200.000
Accept-Ranges
bytes
Content-Length
157225
0045.35081a42-0fd1-4ed1-9c5c-3b1b5b71c82c.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
104 KB
0
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0045.35081a42-0fd1-4ed1-9c5c-3b1b5b71c82c.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
25; 254718.913; 7200.000
Age
9041
ETag
"273d800e9381777ae58920c9d67bf449"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513839.729; 7200.000
Accept-Ranges
bytes
Content-Length
113364
0046.1cef807d-23ec-4298-bcf1-a7474adfab06.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
161 KB
161 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0046.1cef807d-23ec-4298-bcf1-a7474adfab06.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
ccb876c6f8ba24896d970330cd4fcb92e65ec89f14c4eab8208f7189008ad97b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
27; 254719.277; 7200.000
Age
9042
ETag
"e23942da32f3e13ad92a836632a27bef"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513839.328; 7200.000
Accept-Ranges
bytes
Content-Length
164921
0047.1993ee80-366b-42dd-b4c8-17d11f683f57.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
156 KB
156 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0047.1993ee80-366b-42dd-b4c8-17d11f683f57.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
39bca72040cba117877b71400b86e37da57766d1695c4cc1006210aa2bbafea1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
27; 254719.189; 7200.000
Age
9042
ETag
"9245718b4630b28771e160d22d39ee1d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513839.361; 7200.000
Accept-Ranges
bytes
Content-Length
159345
0048.9f87abbd-a538-4130-80bb-82f7dd713463.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
127 KB
128 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0048.9f87abbd-a538-4130-80bb-82f7dd713463.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
413c333d4c8bb2b4ef668369cff5bcbde554f6b631fe2376fd61a4691603a8fb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
27; 254719.165; 7200.000
Age
9042
ETag
"9c085b8e0f8ea6dde16f90cf3e4e2a96"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513839.364; 7200.000
Accept-Ranges
bytes
Content-Length
130544
0049.4efa6f8f-587e-4436-b1cc-c7f507d01e67.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
129 KB
130 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0049.4efa6f8f-587e-4436-b1cc-c7f507d01e67.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
ef7c11bb77091f5ee218fcfce46dde1434d6036d3c1ba818631f6afb6defbfa0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
26; 253690.091; 7200.000
Age
9042
ETag
"64ad2ecdc3d01d946987185830eb7d44"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514868.471; 7200.000
Accept-Ranges
bytes
Content-Length
132361
0050.5174b2ed-1140-4442-bfa3-40780b29182a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
110 KB
110 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0050.5174b2ed-1140-4442-bfa3-40780b29182a.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
e541e264d45ab05d5891a30bd7fbf2e6310d18ce19715f794000b3fd9ca19379
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:41 GMT
Server
nginx
X-cdnca01A
25; 254719.603; 7200.000
Age
9041
ETag
"de2bf97c07255284a03e16524626d9a4"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513838.952; 7200.000
Accept-Ranges
bytes
Content-Length
112170
0051.d61e6973-cc45-4d91-b705-d8db67a9f980.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
133 KB
134 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0051.d61e6973-cc45-4d91-b705-d8db67a9f980.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
7834dd8237c2ca7c60942f20496ed03f84bfbae77c552e4c0a93f0cb1ebd392f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:42 GMT
Server
nginx
X-cdnca01A
24; 254719.595; 7200.000
Age
9041
ETag
"d543550ea87a274e670bf159c71b7850"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513838.926; 7200.000
Accept-Ranges
bytes
Content-Length
136504
0052.deb2540d-bb73-45a1-bed5-8192a7aaf410.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
199 KB
199 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0052.deb2540d-bb73-45a1-bed5-8192a7aaf410.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
be52a84cc53846e3fa0d00849551eb591328ebb11e44dba8d041b5d4ea36cdb4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:42 GMT
Server
nginx
X-cdnca01A
24; 254720.180; 7200.000
Age
9042
ETag
"178cae15c3ec679ba0fc499d39500f7f"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513838.320; 7200.000
Accept-Ranges
bytes
Content-Length
203743
0053.92a84447-e008-499d-9c2f-e57aefe468d2.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
231 KB
232 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0053.92a84447-e008-499d-9c2f-e57aefe468d2.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
fe6b21d044e510b936ac68ef0381ff6f03322f4aad440141e256b61e51e5f54a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:42 GMT
Server
nginx
X-cdnca01A
24; 254720.664; 7200.000
Age
9041
ETag
"347932331967375e87012952d06ecfa1"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513837.805; 7200.000
Accept-Ranges
bytes
Content-Length
236688
0054.6b5dfe6f-db96-4877-a50b-09d18a13be99.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
235 KB
235 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0054.6b5dfe6f-db96-4877-a50b-09d18a13be99.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
57b96365cdf27fd16b11c7e205483132d52ed7fa4c663f1b73d2d00d520a157d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:42 GMT
Server
nginx
X-cdnca01A
26; 254720.757; 7200.000
Age
9041
ETag
"65e904e51091011fed19a494b4f2e71e"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513837.719; 7200.000
Accept-Ranges
bytes
Content-Length
240343
0055.241f2d6d-f128-4915-aba3-9c13c0266775.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
133 KB
134 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0055.241f2d6d-f128-4915-aba3-9c13c0266775.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
841b8c3e366e5951513f96d9c0986b220b0c08ae447ed19d8c43fa5abe80764d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:42 GMT
Server
nginx
X-cdnca01A
24; 254720.735; 7200.000
Age
9041
ETag
"99772b16f35e5fb3ab9c1f63490332a8"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513837.716; 7200.000
Accept-Ranges
bytes
Content-Length
136358
0056.e0c56d35-2d3e-45b5-a206-ea828096d31d.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
241 KB
242 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0056.e0c56d35-2d3e-45b5-a206-ea828096d31d.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:40 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:42 GMT
Server
nginx
X-cdnca01A
24; 254720.820; 7200.000
Age
9041
ETag
"409c80b2d45b3331436bed96510c2634"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513837.596; 7200.000
Accept-Ranges
bytes
Content-Length
246884
0057.1d6a5d1f-2498-4902-a82a-26ae00fde965.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0058.dcdc81e6-472f-4f3b-a5fa-2427da6ead55.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0059.10dde74d-9aa4-4b21-8713-8cd63cccae8a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0060.4296a4c9-0e50-489f-abd2-ecbd9ca57474.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0061.e6e76d6b-aff7-4afd-a7aa-545555b3a033.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0062.8aa89882-f27b-40bd-bc33-91a2f2a1614c.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0063.6bad37d6-ea9f-4240-969e-adf575368160.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0064.f1c8d7ad-f06c-4f55-a722-72d8450c9016.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0065.95ef390f-4e04-400f-830f-f13d2ae4e461.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0066.83aebd2d-cecc-4b7d-bc0c-a2b7af0b6c60.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0067.d8885b58-5770-4db5-b22b-5573d8d2262a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

0068.3cedf485-af91-4d77-8736-11b593560493.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/ Frame 690D
0
0

Soleil_Bold.ttf
cdn.cafeyn.co/Public/Cafeyn/fonts/Cafeyn/ Frame 690D
45 KB
46 KB
Font
General
Full URL
https://cdn.cafeyn.co/Public/Cafeyn/fonts/Cafeyn/Soleil_Bold.ttf
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/js/reader.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:d800:16:e6fd:1a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2da6c5ad38b91513fa307a78e1e74d3f4a1270fa31f061db57c54ab4f0ea68bf

Request headers

Referer
https://campaigns.milibris.com/
Origin
https://campaigns.milibris.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 05:40:42 GMT
x-amz-version-id
fQVi2YjgkqrFE71qSwaJQ7dd0xRu2hHV
via
1.1 3d4555926457517be3e728d2175d92a2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
21296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46552
last-modified
Thu, 27 Oct 2022 08:14:12 GMT
server
AmazonS3
etag
"372cf215e9f99ae818cb2f9778a16954"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
zlvJSz9rlQFLPv0lm1IMARwve8VVy5rFdzBDZ4cLJylRfVFRps53Dg==
truncated
/ Frame 4C7E
63 B
63 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
truncated
/ Frame 64AC
63 B
63 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
truncated
/ Frame 3BBD
63 B
63 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
truncated
/ Frame D990
63 B
63 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
0001.096560d5-7b8e-4ce3-b0ca-e8fdf7c25e5e.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
18 KB
19 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0001.096560d5-7b8e-4ce3-b0ca-e8fdf7c25e5e.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
dd70496d30d8217b02c6158848909e9fa168cad5a8c68a6a4b5b37de504b8500
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:44 GMT
Server
nginx
X-cdnca01A
33; 253685.615; 7200.000
Age
9038
ETag
"c10631cae76bc4414aba6a1ee1e90afd"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
6; 514875.818; 7200.000
Accept-Ranges
bytes
Content-Length
18561
0002.773807e4-64b2-40b8-81a4-3af9b9ea3380.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
12 KB
12 KB
Image
General
Full URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0002.773807e4-64b2-40b8-81a4-3af9b9ea3380.jpeg
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.56.148.224 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca01fo.milibris.com
Software
nginx /
Resource Hash
f20906741718d2a73e05b1528e124116b788ee4dd3bb8eab5270ee0201b4c1bb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 11:35:38 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 19 Jan 2024 07:10:44 GMT
Server
nginx
X-cdnca01A
33; 254773.909; 7200.000
Age
9038
ETag
"d0eb0a6a7a63157e406d335967875f1a"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 513787.526; 7200.000
Accept-Ranges
bytes
Content-Length
12344
0003.54455a92-c794-4424-9d24-13587331f21a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0004.628cb06d-db5f-48f9-8033-ee0364d50008.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0005.81156096-4f0f-4b51-9b1e-56378f430998.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0006.cf96ec29-15f8-4dbe-ae4f-17b127b0ae61.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0007.57cd10d4-aad9-47b6-ac86-c3e28b835d2b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0008.576d9b1e-d070-4dd9-93f6-6903b973cfe9.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0009.94bcec56-2810-42c4-b51b-86f5c5b88797.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0010.68c72193-36cf-41e3-af8d-02a55646434a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0011.cdc085a9-c004-4fa7-b45d-105ad4d33a6e.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0012.b0d0e68d-69ea-4db5-9dd3-00de63155766.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0013.a772e976-b73b-4bfc-b2d6-71f4fd804961.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0014.a7555bce-f8df-44aa-a166-349c83efea78.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0015.2eb7a004-a1c8-4140-a299-82d1b8dfc60b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0016.6d2ea410-2b4e-42fb-8cdf-96ec1c03fc8f.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0017.6fe07421-558a-411b-b975-05e1677c5a68.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0018.a203b131-5a21-40c0-893c-c2e01a387e62.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0019.5e1c5e0a-2362-41fa-9d9e-cc8d63a5c396.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0020.e283529a-1367-4ee9-b4a5-ea174c351bae.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0021.d2c24d88-2227-4f6b-be0d-8ca4dfeeef9b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0022.400c1fa3-9898-4fe3-99ce-c105f105f5fe.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0023.e9fb41ce-5832-4ae6-ba8b-757614f8495a.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0024.e48be875-2306-4b01-934d-5bfab4ec4abd.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0025.ee242d79-06ee-4932-a404-6fe7066cc395.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0026.26a6bc57-9767-4a81-be4a-5c4df9a49ef5.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0027.1eb6839f-6f2f-4fb8-8690-bf0acc8202d2.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0028.3bf4b3ef-dcba-4dcc-a862-9c722cf783e7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0029.5515cbdd-ace8-4528-87ca-d67b1e0cc9f9.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0030.04b1b3c7-1271-4d8f-8f90-e1ec9a6d0a82.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0031.4010ca26-703b-4a52-957a-cbc58867d104.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0032.3c56efe8-5758-49b8-b0fe-c9bd84c16b7c.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0033.4445306e-2c79-4f12-89ea-4f6799794137.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0034.5abfb29b-b635-47f0-a877-2f8585b353c6.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0035.5e8039bd-3c46-4870-9f46-3b22ec7c1477.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0036.913ffae9-5204-40b2-a89f-ddb9c76bcef4.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0037.a890364a-a974-4ec5-98a0-c47e17a4ea4f.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0038.0c4755c0-c176-4562-afe5-8ea3df177606.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0039.ebbcee44-ab7a-4b2f-8f22-6d91784f7728.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0040.8534cb17-e790-4ab0-8e75-d3ed6353dc9e.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0041.c140cae1-41fb-4bb4-9f76-28eee9ec7a69.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0042.577120cc-389e-41f5-82f2-9d1f9d7951ef.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0043.eefe7799-bd56-4e53-a2b0-0ae392a337a7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0044.a6a397bb-3e0c-43dc-87ea-23a61468bfb4.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0045.5495f00d-f12e-49b5-8cb9-0a5a083357be.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0046.f12daa5c-741b-4afb-a407-910629db628f.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0047.541c35d7-38f6-44e0-897c-f7e7b92f7fb9.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0048.9f00da1c-3f22-40c3-ac96-5cc7c69255ea.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0049.1820cc70-e754-4bfd-85a8-1d00302b67af.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0050.d8a10f66-796c-4ccd-998b-c93c66a8e16e.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0051.3876a6e4-ccb0-46ac-ba86-fe9e9146de2d.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0052.06e4c884-3ac4-4653-b94a-e502a1b7b940.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0053.7ce2b320-6c1b-4790-8fd8-7707a9660584.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0054.381de949-6f16-4798-bef5-750ae35b95c5.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0055.130b2e24-37b9-4275-adf1-2ec218154e4f.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0056.16135559-1fe2-4b3b-a785-bf5c941c76b3.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0057.5c7ed4f8-b287-4402-b7bf-23ea2b83d311.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0058.75e5d4d3-2091-48f4-bf1e-fa871be1c217.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0059.bbb58121-7a66-48ee-a8c2-fc5bf9df88d3.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0060.039a3c19-4345-4b36-a97b-cd97059a9c97.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0061.5f86858f-e7f0-4205-9b00-4ae71182be3b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0062.7b662944-d8b3-4c23-aa20-821aa40e3f6f.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0063.3dce142c-dc7c-46ef-85cf-3ed0a7183ec7.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0064.2c253fc1-6e41-4415-9da1-2e6ec0aca06d.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0065.99dd679d-f441-4d15-8517-49122e3ab36e.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0066.d56408d6-7dce-4ff6-97e4-9ef6dd88d22b.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0067.3a1e284a-15ae-418e-be7b-4b6d83a81143.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

0068.31a55fec-08b7-4108-a97f-79be515074a2.jpeg
content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/ Frame 690D
0
0

monetize
redirect.joingekko.com/ Frame DA39
Redirect Chain
  • https://link.joingekko.com/deep-link?publisherkey=177c2213-1667-4e6c-8941-9f1e7b042c81&propertyid=789233&merchantid=174214&url=http%3A%2F%2Fwww.i-run.fr&clickid=lb_44tvvnb&subid=LB00000130
  • https://redirect.joingekko.com/monetize?queryid=qhsjgxa3xfug2wjjyzmjb2xlqu&b=irun
3 KB
1 KB
Document
General
Full URL
https://redirect.joingekko.com/monetize?queryid=qhsjgxa3xfug2wjjyzmjb2xlqu&b=irun
Requested by
Host: www.linkbux.com
URL: https://www.linkbux.com/track/3971nMZL57yyOWy2hEejXB3h4SIuhs_bPaFRSnI3ZjUuV_b2azYscomuiDV9pYipxiW4kE7o08BWU_c?url=http%3A%2F%2Fwww.i-run.fr&uid=v030400016140a0f886e628b446c5925c0c00df9acf3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12670e517c5f7a1bd17fda855343f57032640bb22dcdba6da78f5dfc68d28b5

Request headers

Referer
https://www.linkbux.com/track/3971nMZL57yyOWy2hEejXB3h4SIuhs_bPaFRSnI3ZjUuV_b2azYscomuiDV9pYipxiW4kE7o08BWU_c?url=http%3A%2F%2Fwww.i-run.fr&uid=v030400016140a0f886e628b446c5925c0c00df9acf3e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84d12c3ead7f6efc-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LuemSKgVfrojeWLc6jWWOOtwZbE%2BddFlUhh%2F8kUsLZtNBVJ8uUjpG0bMsrRhwnp%2BcnyfOwVF6K%2BYPjoh%2Fcg8VW8o67ONN775E71rqumzESgTXaZA5KyycrU8gfBAYXYvP4XSZyBi9ufsDd116cAFD3OhqQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-api-version
5.1.8
x-request-id
5r6f090qpo218lce7mdku52jla5689ec

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84d12c3d4bc16efc-CDG
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:37 GMT
location
https://redirect.joingekko.com/monetize?queryid=qhsjgxa3xfug2wjjyzmjb2xlqu&b=irun
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=causyPzvCNNFcyDGj2nQqFh2qkK%2FJZr5umw8qLQWFOQQgLVFEDlBx8mEXqHaXGOxBWKqLGEBM5VnRkyG%2BfL6L27VQPbOC9I8e%2Fjud7V7CVRd2iOxE%2FobT%2BkEMDNLqh3HuhIAIoYDM6cRJ8UNAMbf0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-api-version
1.1.6
truncated
/ Frame C312
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C312
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
GetPrivacyConsent
www.hp.com/fr-fr/shop/api/apiuser/ Frame C312
406 B
2 KB
XHR
General
Full URL
https://www.hp.com/fr-fr/shop/api/apiuser/GetPrivacyConsent
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a02b1a56abae3103f00d66b70dce57e122d435a63325e71a2cda31747c5f6b20
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

request-context
appId=cid-v1:e845ceaa-3b44-4a98-8c75-021fad1b13e5
pragma
no-cache
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
server
akamai-grn
0.96a02417.1706528137.695493c5
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
no-cache
server-timing
ak_p; desc="1706528137770_388276374_1767150533_22862_9503_32_0_219";dur=1
content-length
406
expires
-1
jquery.base64.js
www.hp.com/fr-fr/shop/html/headermenus/js/libs/ Frame C312
2 KB
1 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/html/headermenus/js/libs/jquery.base64.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
08b2b0e1b6afeba1d08280455d76eb0a88f3748ddd5175f05c993e556cb20d9b
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Thu, 06 Oct 2016 08:16:58 GMT
server
akamai-grn
0.96a02417.1706528137.695493f2
etag
"039aa1aa1fd21:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254442
server-timing
ak_p; desc="1706528137780_388276374_1767150578_37_13949_38_0_146";dur=1
accept-ranges
bytes
content-length
903
expires
Thu, 01 Feb 2024 10:16:19 GMT
local
www.sandbox.paypal.com/credit-presentment/experiments/ Frame F180
5 KB
3 KB
Document
General
Full URL
https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVZWTVRFNXV4WHlSVF9mb1dDSW8wQUNQeC03Unlsbk1LcFR0aERteVduejNvUl84el82S3BRM3N4WWRvNDVZRzRELXJRTmNja0JxMVR4RksmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=sandbox&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.54.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AVVMTE5uxXyRT_foWCIo0ACPx-7RylnMKpTthDmyWnz3oR_8z_6KpQ3sxYdo45YG4D-rQNcckBq1TxFK&currency=EUR&components=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0f5fe767ec60aa4b60c09496259716f16d914bc3588105ab8e6a55c876870c9d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
56706
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1523
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 11:35:37 GMT
edge-cache-tag
up-treatments-zoid
etag
W/"1479-rcjjDmCYbnZKEiOs2pd/xEvI80U"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f204062a25893
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc=gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
83, 3185
x-served-by
cache-lhr7342-LHR, cache-lcy-eglc8600033-LCY
x-timer
S1706528138.849317,VS0,VE1
x-xss-protection
1; mode=block
getcart
www.hp.com/fr-fr/shop/api/apicart/ Frame C312
892 B
3 KB
XHR
General
Full URL
https://www.hp.com/fr-fr/shop/api/apicart/getcart
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4b70f177790774d42fdc77ce8c5d03362e9e638960248169ac6d42cee3442e3b
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

request-context
appId=cid-v1:e845ceaa-3b44-4a98-8c75-021fad1b13e5
pragma
no-cache
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
server
akamai-grn
0.96a02417.1706528137.69549583
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
no-cache
server-timing
ak_p; desc="1706528137872_388276374_1767150979_23534_11155_37_0_219";dur=1
content-length
892
expires
-1
getuser
www.hp.com/fr-fr/shop/api/apiuser/ Frame C312
334 B
2 KB
XHR
General
Full URL
https://www.hp.com/fr-fr/shop/api/apiuser/getuser
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e799cf6b7aa89815b706ee73237cb5874d4db056f1d0994ae6442aabed8dd3e3
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

request-context
appId=cid-v1:e845ceaa-3b44-4a98-8c75-021fad1b13e5
pragma
no-cache
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=600
x-content-type-options
nosniff
server
akamai-grn
0.96a02417.1706528137.69549589
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
no-cache
server-timing
ak_p; desc="1706528137865_388276374_1767150985_74901_12542_34_0_219";dur=1
content-length
334
expires
-1
jquery.cycle2.min.js
www.hp.com/fr-fr/shop/Html/headermenus/js/libs/ Frame C312
24 KB
8 KB
Script
General
Full URL
https://www.hp.com/fr-fr/shop/Html/headermenus/js/libs/jquery.cycle2.min.js?ver=20240125095016
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
726b0117696300bc3fb485c644eef8ff75a426e5857df9268c0340b693d43dc1
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600
last-modified
Tue, 27 Jul 2021 14:32:24 GMT
server
akamai-grn
0.96a02417.1706528137.695495f6
etag
"d0347f37f482d71:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=254492
server-timing
ak_p; desc="1706528137885_388276374_1767151094_31_14595_31_0_146";dur=1
accept-ranges
bytes
content-length
7481
expires
Thu, 01 Feb 2024 10:17:09 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ Frame C312
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.hp.com
URL: https://www.hp.com/cma/ng/lib/exceptions/mu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dulN1EiikhiO8GlkrdtHlg==
age
20448
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6838
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:19 GMT
server
cloudflare
etag
0x8DC1DE7F0BAF2A8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9ff1c125-801e-000e-6504-501033000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84d12c3e3ed30417-CDG
js
www.paypal.com/sdk/ Frame F180
264 KB
78 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AVVMTE5uxXyRT_foWCIo0ACPx-7RylnMKpTthDmyWnz3oR_8z_6KpQ3sxYdo45YG4D-rQNcckBq1TxFK&currency=EUR&components=messages
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVZWTVRFNXV4WHlSVF9mb1dDSW8wQUNQeC03Unlsbk1LcFR0aERteVduejNvUl84el82S3BRM3N4WWRvNDVZRzRELXJRTmNja0JxMVR4RksmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=sandbox&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.54.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c443f66a6bd1caa9ba9371084fb82bfc6ca6266737c48dd76e68d6543a90320
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vjwaZwI/0OwlCWpuC+6SekDEAHzt0QNOgpvOIqsr2yN6EXvu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 29 Jan 2024 11:35:37 GMT
age
10664
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, HIT, MISS
p3p
true
paypal-debug-id
f874506338222
server-timing
"traceparent;desc="00-0000000000000000000f874506338222-e8d97c64c3488868-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79274
x-xss-protection
1; mode=block
x-served-by
cache-lhr7349-LHR, cache-lcy-eglc8600059-LCY, cache-lcy-eglc8600059-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f874506338222-9670aa710ba12db9-01
x-timer
S1706528138.921550,VS0,VE4
etag
W/"135aa-0YF4xu0OX/xx07wWxZpu514QSOI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 8, 0
hash
www.sandbox.paypal.com/credit-presentment/experiments/ Frame F180
40 B
766 B
Fetch
General
Full URL
https://www.sandbox.paypal.com/credit-presentment/experiments/hash?device_id=uid_2ec55773ba_mte6mzu6mzc&disableSetCookie=true&features=disable-set-cookie
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVZWTVRFNXV4WHlSVF9mb1dDSW8wQUNQeC03Unlsbk1LcFR0aERteVduejNvUl84el82S3BRM3N4WWRvNDVZRzRELXJRTmNja0JxMVR4RksmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=sandbox&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.54.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e9631c4fc9147d5c97a6f68dbdb6fdea528322bee33566c4f7ed888cb7e054d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVZWTVRFNXV4WHlSVF9mb1dDSW8wQUNQeC03Unlsbk1LcFR0aERteVduejNvUl84el82S3BRM3N4WWRvNDVZRzRELXJRTmNja0JxMVR4RksmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=sandbox&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.54.0&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS, MISS
paypal-debug-id
f488810b817c5
server-timing
content-encoding;desc=gzip
content-length
57
x-xss-protection
1; mode=block
x-served-by
cache-lhr7385-LHR, cache-lcy-eglc8600033-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1706528138.973016,VS0,VE164
etag
W/"28-QLptt/bA4IMkt3ft7lDNdoB/J4o"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
d8197f25-dce3-4110-addb-f3ffbe70bcbd.json
cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/ Frame C312
10 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/d8197f25-dce3-4110-addb-f3ffbe70bcbd.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f004b1bebec2e87d92ce29fe0c89d173096e488933409f13351d503d456c1c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74814
content-md5
zPhoIsdgt3dLM4X4NXiHFg==
content-length
2856
x-ms-lease-status
unlocked
last-modified
Fri, 19 Jan 2024 14:44:52 GMT
server
cloudflare
etag
0x8DC18FD324195CD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1963d9c9-701e-00a3-72e6-4a5c46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84d12c3eca08998a-CDG
expires
Tue, 30 Jan 2024 11:35:38 GMT
gtm.js
www.googletagmanager.com/ Frame C312
601 KB
146 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3JSCK
Requested by
Host: www.hp.com
URL: https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a603c398a002f9f4b33f766f25f5f1d05fb29dbd49a22e431be0c86393fdff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
149493
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 11:35:38 GMT
logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame F180
1004 B
1 KB
XHR
General
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AVVMTE5uxXyRT_foWCIo0ACPx-7RylnMKpTthDmyWnz3oR_8z_6KpQ3sxYdo45YG4D-rQNcckBq1TxFK&currency=EUR&components=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85ea6ee808c9f5e184ec408a2c685542bfe07f26de21dcf23f06dc07a6406d7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVZWTVRFNXV4WHlSVF9mb1dDSW8wQUNQeC03Unlsbk1LcFR0aERteVduejNvUl84el82S3BRM3N4WWRvNDVZRzRELXJRTmNja0JxMVR4RksmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=sandbox&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.54.0&integrationType=SDK
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f48881036acaf
server-timing
content-encoding;desc=br
x-served-by
cache-lhr7375-LHR, cache-lcy-eglc8600033-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1706528138.029781,VS0,VE156
etag
W/"3ec-T6M6zO2Fp4JYzHmgiGMqcBb9x3Q"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sandbox.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
click
clk.tradedoubler.com/ Frame 111A
0
0

logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame C312
1002 B
825 B
XHR
General
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AVVMTE5uxXyRT_foWCIo0ACPx-7RylnMKpTthDmyWnz3oR_8z_6KpQ3sxYdo45YG4D-rQNcckBq1TxFK&currency=EUR&components=messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d7d1e86683cdbc6c8ed254cbc859c4e8970e78a578457c14b9644941317a73b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.hp.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f4888100c6436
server-timing
content-encoding;desc=br
x-served-by
cache-lhr7332-LHR, cache-lcy-eglc8600058-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1706528138.274343,VS0,VE155
etag
W/"3ea-jLFcu/oig8rWJdYlviQMIu2eboU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hp.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
none
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hp.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
date
Mon, 29 Jan 2024 11:35:38 GMT
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f48881016e916
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc=br
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
accept-encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr7366-LHR, cache-lcy-eglc8600058-LCY
x-timer
S1706528138.104794,VS0,VE149
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame C312
59 B
295 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.hp.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
84d12c3f6c36024b-CDG
access-control-allow-headers
Content-Type
MbYD4vfCs
www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/ Frame C312
18 B
1 KB
XHR
General
Full URL
https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Requested by
Host: www.hp.com
URL: https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=600
akamai-grn
0.96a02417.1706528138.69549d8c
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.hp.com
access-control-allow-credentials
true
server-timing
ak_p; desc="1706528138238_388276374_1767153036_715_8252_35_0_219";dur=1
access-control-allow-headers
Content-Type
content-length
18
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202312.1.0/ Frame C312
428 KB
104 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f3e1b209eebcd0ae7a1d19aa7d7bc6a7753995a2e412a5933c97dbe040112f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NgWSX+Cq7lSczucQPtQGiA==
age
59003
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106373
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 03:41:47 GMT
server
cloudflare
etag
0x8DC118E12803BCF
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f6bb5f8b-301e-000b-1df8-43c2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84d12c40187e0417-CDG
pixel_71a8d5e6
www.hp.com/akam/13/ Frame C312
0
654 B
XHR
General
Full URL
https://www.hp.com/akam/13/pixel_71a8d5e6
Requested by
Host: www.hp.com
URL: https://www.hp.com/akam/13/71a8d5e6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=600
server-timing
ak_p; desc="1706528138268_388276374_1767153187_252_8277_35_0_219";dur=1
akamai-grn
0.96a02417.1706528138.69549e23
content-length
0
content-type
text/html
landing
pagead2.googlesyndication.com/pagead/ Frame C312
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=11p1p1p1p5&rnd=1334152930.1706528138&url=https%3A%2F%2Fwww.hp.com%2Ffr-fr%2Fshop%2F&dma_cps=-&dma=1&npa=1&gtm=45He41o0n71P3JSCKv6688560
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3JSCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:38 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame C312
131 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZXB4R4&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3JSCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d285da50a8622a07c0bfae00d759bb81265faf7c3e5b164f339c41c32dd74b29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50206
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 11:35:38 GMT
fr-fr.json
cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/76f1ddb5-de0b-497a-b098-4f4ec377d30e/ Frame C312
174 KB
40 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/d8197f25-dce3-4110-addb-f3ffbe70bcbd/76f1ddb5-de0b-497a-b098-4f4ec377d30e/fr-fr.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc0fd5809a658221b06aa20b82ffe59b28b68b0d92792f0ae7d5fe88fc78e144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74761
content-md5
o7fTQp2m+0OILhED5t1dxA==
content-length
41147
x-ms-lease-status
unlocked
last-modified
Fri, 19 Jan 2024 14:45:50 GMT
server
cloudflare
etag
0x8DC18FD546E23F2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a1c6bbd1-901e-005f-3be6-4a8dbf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84d12c40bb92998a-CDG
expires
Tue, 30 Jan 2024 11:35:38 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/ Frame C312
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
te8Mm0ddAycxfv9y0/YwzQ==
age
74813
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2626
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 03:41:39 GMT
server
cloudflare
etag
0x8DC118E0DAFE1D7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c4bd6945-401e-005c-71e6-4a6cdb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84d12c411bde998a-CDG
otPcTab.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/ Frame C312
63 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc6a125d698416498cdf5ef60cd959aef01db95a6e3e0d74a95f9b6d3d78feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
U/2YW0bn1JJ0J1d+c+zmlA==
age
74813
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13588
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 03:41:41 GMT
server
cloudflare
etag
0x8DC118E0F0F3DE9
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2d4fd46e-a01e-0026-09e6-4a719b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84d12c412bdf998a-CDG
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/ Frame C312
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
74813
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jan 2024 03:41:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ac520dd2-701e-000a-77e6-4a9d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84d12c412be0998a-CDG
merchant
sc.tradetracker.net/tracker/ Frame 3B7D
Redirect Chain
  • https://tc.tradetracker.net/?c=27843&m=12&a=191269&u=https%3A%2F%2Factivities.transavia.com%2Fes-es%2F%3Fpartner_id%3DS6FO0GK%26cmp%3Dtopnavigation&r=v03040001614099dafe42ef45428a82db7dbc09205811&u...
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528138&url=http%3A%2F%2Fwww.transavia...
0
0

ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ Frame C312
497 B
493 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
3108
x-ms-lease-status
unlocked
last-modified
Mon, 29 Jan 2024 03:38:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
919545aa-a01e-0044-3087-52b3bc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84d12c416c27998a-CDG
HP_Logo_OT_email.png
cdn.cookielaw.org/logos/4abb22ef-0e20-458e-be93-e351ad21c465/dc995e83-3696-4bd7-b175-22002348c8d0/ce6e1fcf-f1a3-4286-9d90-e0ea8d8d9eec/ Frame C312
31 KB
31 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/4abb22ef-0e20-458e-be93-e351ad21c465/dc995e83-3696-4bd7-b175-22002348c8d0/ce6e1fcf-f1a3-4286-9d90-e0ea8d8d9eec/HP_Logo_OT_email.png
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26aaf37a953a5dbf97ec3326a17435b49a3da008bc0597342a2595fe369bad0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
k6Avc4+r38tpqJbo1hdMHQ==
age
9642
content-length
32023
x-ms-lease-status
unlocked
last-modified
Fri, 03 Feb 2023 09:54:30 GMT
server
cloudflare
etag
0x8DB05CCA56668DA
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b839e2e8-a01e-00be-48e1-5acd6d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84d12c4179980417-CDG
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ Frame C312
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.hp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
28758
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9f383b3d-d01e-003c-600b-501044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84d12c4179990417-CDG
MbYD4vfCs
www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/ Frame C312
18 B
1 KB
XHR
General
Full URL
https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Requested by
Host: www.hp.com
URL: https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a296 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

Referer
https://www.hp.com/fr-fr/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=YieldKit.com%20(FR)
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 11:35:38 GMT
strict-transport-security
max-age=600
akamai-grn
0.96a02417.1706528138.6954a627
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.hp.com
access-control-allow-credentials
true
server-timing
ak_p; desc="1706528138680_388276374_1767155239_821_8878_33_0_219";dur=1
access-control-allow-headers
Content-Type
content-length
18
batch
www.google-analytics.com/ Frame 8A09
35 B
0
Fetch
General
Full URL
https://www.google-analytics.com/batch
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.1clic1don.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 11:35:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.1clic1don.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.css
static.arc.io/widget/css/ Frame 278C
85 KB
9 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?76bc4f3
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:39 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
52Z033ZFWRVC93PR
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
+xYsFsXxcv5akj1qTUKGVTScMCFieylWDhCTi2J1KMuZHZ1lFY2pfSfLahJI8QdM4gog00FYNP0=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a87318705e4af5015dc0246497f2673f"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
68a6c5cb34afe59a0ba754a9efc4f6e2
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 278C
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4119272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
631
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZtdNsSYn%2BMi8r4wfLgyfCayvhCk6MtTJ4Ktoe2jjk4BkKFGZ1KkoP0O%2F3S%2FrABRu6y8WDIxEt4bCO5LOmWOhFAkSVoU1n6GeNPIxo1PaUnWmA6Uk6RPAS4KQw71LrXreUkUsGdRShYW%2BxM%2FnXHUFCiN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d12c4a582ad3bb-CDG
expires
Sat, 18 Jan 2025 11:35:39 GMT
widget.css
static.arc.io/widget/css/ Frame FC1D
85 KB
9 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?76bc4f3
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:39 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
52Z033ZFWRVC93PR
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
+xYsFsXxcv5akj1qTUKGVTScMCFieylWDhCTi2J1KMuZHZ1lFY2pfSfLahJI8QdM4gog00FYNP0=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a87318705e4af5015dc0246497f2673f"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
a834bb9c433845b943dec15179060248
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame FC1D
2 KB
928 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4119272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
631
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwQ0sqji1%2Fd5uKf4iLcHzdR4mnvLdXmZL53SGI6lt%2Br6lOFZBXzIKTTFBjWPaG83OzMUiYFk3Ftl1clItIXIRswcSiaREQeWRYsJDg%2FCWExXOZPHD888ZPhFO%2Bg2KffJo3nfMGo1V7wk4XRtJlLfjj%2BF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d12c4a6830d3bb-CDG
expires
Sat, 18 Jan 2025 11:35:39 GMT
truncated
/ Frame 278C
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC1D
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC1D
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FC1D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC1D
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC1D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC1D
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC1D
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
tracker.arc.io/ Frame 8A09
0
0

RcMyZdR8Fa8s8zz61cf4mW
warden.arc.io/mailbox/nodes/ Frame 8A09
0
0
Fetch
General
Full URL
https://warden.arc.io/mailbox/nodes/RcMyZdR8Fa8s8zz61cf4mW
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.223.141.84 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.1clic1don.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 11:35:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 366A
14 KB
5 KB
Script
General
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:40 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
9WD718SH73SSHMZ7
x-amz-server-side-encryption
AES256
cdn-cachedat
07/07/2023 01:52:40
cdn-pullzone
786569
x-amz-id-2
jwrzNVpxy+i1mS/N/l577v4ox+ukfrpjgmX4rF76e9TSPHNoYO0CdjMI3zyK1afVCHGm3nd2C84=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"1343454a1c763177d59f06c307b3a5a2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
bc54930dad9bbdeaf625a19d86dd57b3
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
vendors~widget-sc-client.js
static.arc.io/widget/js/ Frame 8A09
60 KB
17 KB
Script
General
Full URL
https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:40 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
8NG3W3SWPPQJR9H9
x-amz-server-side-encryption
AES256
cdn-cachedat
07/07/2023 01:54:57
cdn-pullzone
786569
x-amz-id-2
XvrkWJ0zSEdhncRAgd+Bdp04VBlVFHWdsN9GnU4+Ysb64u/dZpbbn4xdgGYUoxd0C4ldI/lHnus=
last-modified
Thu, 06 Jul 2023 18:40:20 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"1bfa017c8b068bd2857ce731fa38ab1d"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
150d193e234ca1d2f3968445403e440a
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
widget-sc-client.js
static.arc.io/widget/js/ Frame 8A09
3 KB
2 KB
Script
General
Full URL
https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 11:35:40 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
DQQ8VHWST41YFNM2
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 18:08:06
cdn-pullzone
786569
x-amz-id-2
agMRD6azIkO/5EQQP0InQfUP5d8uxbWeTh5TtOXVwBr8kYTokTBXJK3C2v9B86j5g6lQ9LaF/hg=
last-modified
Mon, 30 Oct 2023 16:22:24 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"00fc1f9530439ec3d2415f9420e814d7"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
8c72f0ce038a7107bebb0842318ecc9c
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.cpmaffiliation.com
URL
http://www.cpmaffiliation.com/103839-200x90.js?rnd=19372874702
Domain
fwd.fwdtrk.com
URL
https://fwd.fwdtrk.com/track?id=
Domain
lesbiansextube.com
URL
https://lesbiansextube.com/video22.html
Domain
baddiesporn.com
URL
https://baddiesporn.com/video16.html
Domain
r.linksprf.com
URL
https://r.linksprf.com/v1/redirect?type=linkId&id=a50a2bd4f9184c61840533f8d85f12d4&api_key=ea7b6f3f8994c077c92bd2d395a98210&site_id=0e811217822d4b15b9c6fdbdfc9dffe9&dch=feed&ad_t=advertiser&offerid=1768346ae2274ed594e177d64573a01a&yk_tag=w2u2g1krriij63qu2kbfj05g
Domain
sub.adzgame.com
URL
https://sub.adzgame.com/redirect?feed=634020&auth=kYcx8E&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Domain
lesbiansextube.com
URL
https://lesbiansextube.com/video20.html
Domain
xml.eximdigital.com
URL
https://xml.eximdigital.com/redirect?feed=634442&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Domain
sub.adzgame.com
URL
https://sub.adzgame.com/redirect?feed=634021&auth=FZfz2y&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Domain
xml.clickmi.net
URL
https://xml.clickmi.net/redirect?feed=615324&auth=4h0n5N&subid={subid}&query={query}&url={url}&default_url={default_url}
Domain
clk.tradedoubler.com
URL
https://clk.tradedoubler.com/click?p=20215&a=1910362&epi=v030400015923974b2c536305480488f6dad90645ad11
Domain
sc.tradetracker.net
URL
https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528136&url=http%3A%2F%2Fwww.transavia.com%2F%3Futm_source%3Daffiliate%26utm_medium%3Dlinkgenerator%26utm_campaign%3DHVTO_ES_191269_YieldKit
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0057.1d6a5d1f-2498-4902-a82a-26ae00fde965.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0058.dcdc81e6-472f-4f3b-a5fa-2427da6ead55.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0059.10dde74d-9aa4-4b21-8713-8cd63cccae8a.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0060.4296a4c9-0e50-489f-abd2-ecbd9ca57474.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0061.e6e76d6b-aff7-4afd-a7aa-545555b3a033.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0062.8aa89882-f27b-40bd-bc33-91a2f2a1614c.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0063.6bad37d6-ea9f-4240-969e-adf575368160.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0064.f1c8d7ad-f06c-4f55-a722-72d8450c9016.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0065.95ef390f-4e04-400f-830f-f13d2ae4e461.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0066.83aebd2d-cecc-4b7d-bc0c-a2b7af0b6c60.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0067.d8885b58-5770-4db5-b22b-5573d8d2262a.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/ld/0068.3cedf485-af91-4d77-8736-11b593560493.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0003.54455a92-c794-4424-9d24-13587331f21a.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0004.628cb06d-db5f-48f9-8033-ee0364d50008.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0005.81156096-4f0f-4b51-9b1e-56378f430998.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0006.cf96ec29-15f8-4dbe-ae4f-17b127b0ae61.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0007.57cd10d4-aad9-47b6-ac86-c3e28b835d2b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0008.576d9b1e-d070-4dd9-93f6-6903b973cfe9.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0009.94bcec56-2810-42c4-b51b-86f5c5b88797.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0010.68c72193-36cf-41e3-af8d-02a55646434a.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0011.cdc085a9-c004-4fa7-b45d-105ad4d33a6e.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0012.b0d0e68d-69ea-4db5-9dd3-00de63155766.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0013.a772e976-b73b-4bfc-b2d6-71f4fd804961.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0014.a7555bce-f8df-44aa-a166-349c83efea78.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0015.2eb7a004-a1c8-4140-a299-82d1b8dfc60b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0016.6d2ea410-2b4e-42fb-8cdf-96ec1c03fc8f.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0017.6fe07421-558a-411b-b975-05e1677c5a68.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0018.a203b131-5a21-40c0-893c-c2e01a387e62.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0019.5e1c5e0a-2362-41fa-9d9e-cc8d63a5c396.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0020.e283529a-1367-4ee9-b4a5-ea174c351bae.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0021.d2c24d88-2227-4f6b-be0d-8ca4dfeeef9b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0022.400c1fa3-9898-4fe3-99ce-c105f105f5fe.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0023.e9fb41ce-5832-4ae6-ba8b-757614f8495a.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0024.e48be875-2306-4b01-934d-5bfab4ec4abd.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0025.ee242d79-06ee-4932-a404-6fe7066cc395.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0026.26a6bc57-9767-4a81-be4a-5c4df9a49ef5.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0027.1eb6839f-6f2f-4fb8-8690-bf0acc8202d2.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0028.3bf4b3ef-dcba-4dcc-a862-9c722cf783e7.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0029.5515cbdd-ace8-4528-87ca-d67b1e0cc9f9.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0030.04b1b3c7-1271-4d8f-8f90-e1ec9a6d0a82.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0031.4010ca26-703b-4a52-957a-cbc58867d104.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0032.3c56efe8-5758-49b8-b0fe-c9bd84c16b7c.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0033.4445306e-2c79-4f12-89ea-4f6799794137.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0034.5abfb29b-b635-47f0-a877-2f8585b353c6.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0035.5e8039bd-3c46-4870-9f46-3b22ec7c1477.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0036.913ffae9-5204-40b2-a89f-ddb9c76bcef4.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0037.a890364a-a974-4ec5-98a0-c47e17a4ea4f.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0038.0c4755c0-c176-4562-afe5-8ea3df177606.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0039.ebbcee44-ab7a-4b2f-8f22-6d91784f7728.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0040.8534cb17-e790-4ab0-8e75-d3ed6353dc9e.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0041.c140cae1-41fb-4bb4-9f76-28eee9ec7a69.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0042.577120cc-389e-41f5-82f2-9d1f9d7951ef.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0043.eefe7799-bd56-4e53-a2b0-0ae392a337a7.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0044.a6a397bb-3e0c-43dc-87ea-23a61468bfb4.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0045.5495f00d-f12e-49b5-8cb9-0a5a083357be.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0046.f12daa5c-741b-4afb-a407-910629db628f.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0047.541c35d7-38f6-44e0-897c-f7e7b92f7fb9.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0048.9f00da1c-3f22-40c3-ac96-5cc7c69255ea.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0049.1820cc70-e754-4bfd-85a8-1d00302b67af.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0050.d8a10f66-796c-4ccd-998b-c93c66a8e16e.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0051.3876a6e4-ccb0-46ac-ba86-fe9e9146de2d.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0052.06e4c884-3ac4-4653-b94a-e502a1b7b940.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0053.7ce2b320-6c1b-4790-8fd8-7707a9660584.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0054.381de949-6f16-4798-bef5-750ae35b95c5.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0055.130b2e24-37b9-4275-adf1-2ec218154e4f.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0056.16135559-1fe2-4b3b-a785-bf5c941c76b3.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0057.5c7ed4f8-b287-4402-b7bf-23ea2b83d311.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0058.75e5d4d3-2091-48f4-bf1e-fa871be1c217.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0059.bbb58121-7a66-48ee-a8c2-fc5bf9df88d3.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0060.039a3c19-4345-4b36-a97b-cd97059a9c97.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0061.5f86858f-e7f0-4205-9b00-4ae71182be3b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0062.7b662944-d8b3-4c23-aa20-821aa40e3f6f.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0063.3dce142c-dc7c-46ef-85cf-3ed0a7183ec7.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0064.2c253fc1-6e41-4415-9da1-2e6ec0aca06d.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0065.99dd679d-f441-4d15-8517-49122e3ab36e.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0066.d56408d6-7dce-4ff6-97e4-9ef6dd88d22b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0067.3a1e284a-15ae-418e-be7b-4b6d83a81143.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/5f12b65f-9396-4628-a207-f0d9de16765c/pages/jpeg/tn/0068.31a55fec-08b7-4108-a97f-79be515074a2.jpeg
Domain
clk.tradedoubler.com
URL
https://clk.tradedoubler.com/click?p=20215&a=1910362&epi=v030400015923974b2c536305480488f6dad90645ad11
Domain
sc.tradetracker.net
URL
https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528138&url=http%3A%2F%2Fwww.transavia.com%2F%3Futm_source%3Daffiliate%26utm_medium%3Dlinkgenerator%26utm_campaign%3DHVTO_ES_191269_YieldKit
Domain
tracker.arc.io
URL
https://tracker.arc.io/

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 number| dateTimeOffset function| getElementsByClassNameLocalTimeWrapper object| cookieconsent_options boolean| hasCookieConsent number| cpma_rnd object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag

66 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: 6WJpp1muxvFZa0VoOAkIVIHZqWwUI3Q0
.turfologie.fr.gd/ Name: PHPSESSID
Value: 8a283bed7118ee391abd956f2a253ad7
t.adcell.com/ Name: ADCELLvpid12162
Value: 364266-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401706528134
.1clic1don.fr/ Name: cf_clearance
Value: Z5pYWDTpKodq8NuSY8QNKZZxyb5z84OjRBqaYSEPxTE-1706528134-1-AYksvQ8sbhGad9sXPURh4e486UXZSBYtAm9vGRIV4VQibZpEvlsJuMzP0MvquN1qoTuSXMqLOHFaueH19LG7mm8=
api.yieldads.net/ Name: AWSALBTGCORS
Value: lPo6dfMrkd/F6FBRZIWof1nl6DHlJQFWtNSNXJMt/VFos+V4cJFSmYcVFGNyBc0UlVWDBpdyDrEwJJOpJHyqvySuDPwsNsVBwOMe8lMDiXkRBRFC2YS+tg9RnFyK89Tt0hFJOsp+v9K+rUDRSt3+oG2agXrjsVztIZxJb1gAUc+uH14cneM=
api.yieldads.net/ Name: AWSALBCORS
Value: fJ9cb7+W9VCx6A3W5CxVkTPyATC6LEq41wDs/SFXRriOIKNKY2y0MAU4bVh7aRlMytkLUE8kJGJ3VLHK82b0mw+oDFucQTUVHCs8So++6Ir2f5J1OtZ+C4T9rAgv
core.arc.io/ Name: _immortal|Arc_nodeId
Value: RcMyZdR8Fa8s8zz61cf4mW
such.de/ Name: AWSALBCORS
Value: /ofd13miREaYzQfuIwOfPMyCAnoz9epPO3UZWm4O6Ygf8OwcDRCbCr4juNPU0P4V+YcWNxPkwtNhoFMM6Zq/DsOiiPKf49ZIYIc7FOqeljaVA4Y/xHTf5uHRaWDj
.awin1.com/ Name: aw7614
Value: 143466|0|0|1706528135|v03040001438738eac3e3c4534436a67cc070112c1edd-3563bc873b454ce0b690db7fc454b808|aw|0
.awin1.com/ Name: bId
Value: HLEX_65b78d87e66dc5.50616768
.doubleclick.net/ Name: IDE
Value: AHWqTUnEIClu1gT26AMDvi9apo14RWDSnlfZrFRokeT7a1rUT4yTo-WzBltmgrEMd-s
.awin1.com/ Name: awpv41900
Value: 412871|1706528135|84adae80-be9a-11ee-8694-226555b1c0ac
.awin1.com/ Name: AWSESS
Value: 460534:3451205
.updatessughing.com/ Name: e9d4eb85-3703-40e8-a8c0-ef663a60a1b4-v4
Value: qxX0dA0nd3A0YrYrbRiLGx3CZ0U1ZMQeRCBAkWS645E
.updatessughing.com/ Name: cc-v4
Value: ozGNj0Y%2Bn2vts%2FEvoOJn9Kr8rdULywT%2BwD1293pinc7t8Lpdmuk6QEQeLL0DbSYJoud0lMOrjxqQLTqOin0w4RwBgfNGOOLCteNf8aEK4i4sWnqGQdq1Od%2BLcTKGee7d%2Fm9dj1OafLRw5GDsthXYyA%3D%3D
.fr.gd/ Name: __gads
Value: ID=eaab064d8a119405:T=1706528135:RT=1706528135:S=ALNI_MZKjABnfjX255tlY4RRY3prH_h0Ww
.fr.gd/ Name: __gpi
Value: UID=00000d4b47437c08:T=1706528135:RT=1706528135:S=ALNI_Mbui3s9BsiPIRO87PQDh0K220_Ymw
.trackingvo.com/ Name: fa065b47-3313-45d1-9137-db898edaa028-v4
Value: CaizSl9CUluDXzrDjkWvA-qkRultQuTeR-tw6Z_9zww
.trackingvo.com/ Name: cc-v4
Value: 5uhpDOzRpocD0zGmmO79oRanIbDlUhqTBWzr6WY05qM4In%2Fr3w%2B57a1jay9ft79fUwNr6y9L879gmMeKTou1wo3RY52U88%2BPUkNiSzDWsm7N6QrwgVFXCEv%2FGekskt7Z%2BNqdzdG30UfOHB1Mocbufw%3D%3D
.casalemedia.com/ Name: CMPS
Value: 1145
.tradedoubler.com/ Name: PI
Value: 1z11z1z15Jz2J8s0jzElTCy1y26GlfyCaaCyyyBVCRy1fAsy2Mn9jeyyFX3PHb6Yf%79nOvokIeCX_mNQP1OsCZ0bnvBFilB88m2ers%7aQlKgS%78jWk7K_B1oUc4.uGLrfInI4qN98vMirM%798YIiCXEkrNIPERjuU%78aETAoYVtO5Hq976S.jy
.tradedoubler.com/ Name: UI
Value: 1z11zz15Jz2D7vroz1aqOyQYmZ
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: 4VNiyY5Lp4zJhzo3tzq27MBRfCqiAW-jnWNhB5FL3rYfAeMFqBxoCeZVPtyOuCRUa-dm2BDg1F4Q9W2rS_ffIyuDALhroQKj6-j9kPcek38.
.adnxs.com/ Name: uuid2
Value: 8933003902282545397
.myprotein.it/ Name: chumewe_user
Value: f9e37154-551b-429a-b852-e841e5eaa178
.myprotein.it/ Name: chumewe_sess
Value: 4054b6bf-d93b-4060-bce2-0bb7953e2b99
.myprotein.it/ Name: locale_V6
Value: it_IT
www.myprotein.it/ Name: csrf_token
Value: 54829223978543883469
.casalemedia.com/ Name: CMID
Value: ZbeNhxo801NNq19dJP-kGAAA
.casalemedia.com/ Name: CMPRO
Value: 1145
ak.whookroo.com/ Name: oaidts
Value: 1706528135
ak.whookroo.com/ Name: OAID
Value: 8ecb9a878eab4eebb1b509b9a8d37cdc
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb>H=r(C!@wnfH8K6pQK`!5=E<*L5?%M>iK@<-0sCw5YwuK625OR0jbX`%@4s`8bxZ^m%nugO%v4VB%nn#1*%gn#
.magsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265b78d87e42939.407951934112618672%22%3B%7D
.magsrv.com/ Name: c-tag
Value: %7B%22tag-video%22%3A%22v4%7C%7CFRA%7C5075902%7C90160818%7C0%7C%7C508%7C48%7C2%7C40%7C0%7C0%7C0%7C502%7C3012874%7C2988507%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C646630692%7C%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1706528135%7C3248e2957b7b4f4d5599ba560f2e2aba%7Cok%22%7D
my.rtmark.net/ Name: ID
Value: c70bc50ab2ad47b98c9d4124d0d56eed
.varcuringordsetts.com/ Name: 1aa51c80-e87e-45ee-ae82-a179873e1bd9-v4
Value: dMa_1HGK3Yis4jDM5fZDAxBqkrMVrljS4sR0DSGAQC4
offmantiner.com/ Name: OAID
Value: 0a9a3b13ab0447eabb79d7b39c89f3d2
offmantiner.com/ Name: oaidts
Value: 1706528135
go.mnaspm.com/ Name: __cflb
Value: 02DiuDFRFiBZBvMSLtrsn3TfoaR3cJptsSj3TWu4GQKME
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.tradedoubler.com/ Name: GUID
Value: 1z11zz15Jznmms9z090d51c0d5cbac44a1d96a1d8c684e13
.trk.makeinsanemoney.com/ Name: bemob-viewer-id
Value: b7bce952-9bf8-4a98-854c-2b74139e6ad1
.trk.makeinsanemoney.com/ Name: bemob-uniq-visit:377128fa-5ae0-43cb-9a59-da1f44aabd88
Value: 1
.trk.makeinsanemoney.com/ Name: bemob-rotation:377128fa-5ae0-43cb-9a59-da1f44aabd88:random:72fbdc219f5cfa43976ad5cbf63a7435
Value: 0-0-0
.trk.makeinsanemoney.com/ Name: bemob-click-id
Value: HS1xq6mXQ7BWpywYW7GYEe
.varcuringordsetts.com/ Name: fb5b2cf8-3681-4d35-9409-7659d1e6badb-v4
Value: A6bYO9AfgzA53J_XuF89W5XQIp8Vl0TXVjR6HrqnmpM
.varcuringordsetts.com/ Name: ad888fae-fa27-4d56-9ed4-d540f97a4e5f-v4
Value: IMySyVXlLim9KJTf9Un4RMA8dEipXL-NxgYtxK0D49g
.varcuringordsetts.com/ Name: cc-v4
Value: sX0nKQ%2FCXnDoed0sXvuCOkEG%2B2BXOytwg1EKKZ64BdHKUvtXpM95dPnmic9q93IfaezzAVmsazh0ImPBBmNt6CXcaC5KMTzcSqnOcaxmTKDOnT69cPzSzDNdUfLaHAVUlMrqo5mFFu2nZn%2B9m3vFYQ%3D%3D
nrebxx.romancedale.com/ Name: unique_id
Value: 65b78d8800026156
nrebxx.romancedale.com/ Name: unique_id2
Value: 65b78d8800043328
nrebxx.romancedale.com/ Name: 65b78d8800043328_c
Value: 1
nrebxx.romancedale.com/ Name: ref_token
Value: 213426
nrebxx.romancedale.com/ Name: 65b78d8800043328_sl
Value: [278388]
.s.magsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265b78d87e42939.407951934112618672%22%3B%7D
.magsrv.com/ Name: impressions
Value: lexaebxbnogxmearobxsagxcce
.tradetracker.net/ Name: uf
Value: muwObtuvVUNcFpG7N82ZZys0UTBUZlNzaGQ0UXFZcXpTZWx5aFVRVXMzZTVWVUZGWXYvRkdMaW03WGkwUzBpSVlsdXhnRmJoQk9NbU1NMFpqWmtuUm42dDdOLzZ3RDJ0L1B4TXZRPT0%3D
www.hp.com/ Name: FRISCS.NET_SessionId
Value: 242pilq32p3rrlzv4ft20h4w
www.hp.com/ Name: hpiscssid_CG950
Value: 0=anon|589a41e7-65ff-48a7-b1db-8a23d65dea66|242pilq32p3rrlzv4ft20h4w|29/01/2024 11:35:36
gis.goinstore.com/ Name: AWSALBCORS
Value: EGhnKr4GISteJHxCo4KJBA+ZRiJwtTyYMMFdZ2bkb7wsi/o5n+8ZdGfoSvLuA0U7nyMhYmzzT0UX0BKqdjSWBszoygtfvHcvRYUCc+zd8Tu1LpScfXQ7PVgw7jX4
www.hp.com/ Name: akavpau_wwwHPcom_ISCS_VP
Value: 1706528438~id=05dc60b4c08ba9964997882b6f0bee48
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z15JzqwSyGz5atyaiaXDsQyFX8H%7a4nUvrG%79mGBM6ds8sNiJVFhK6F4Yu%79CkVKPelAvHl3S3h%7abD8B6AIrOjheRiWS5p7.YCLqkKINgi0xZ%7aI0W9nL_0iwEN4JhXjOCanr0.qX7qJ5xdL3p10jOQVOZPUnD%79.jGO%79IBZmov%7aHcY%79hb6%79DmElsKqWiOfBLYskXko1mNCVw8nNIvH4qAPo4l%79rIKBlfApxbLAJ0VlqRpk.tWjdO5Hq976S.jz18FkyafGXDNhyFXX7qJ5xdL3p10jOQVOZPUnEVSVjihUpCo7cAT0tNN9kv0kuUEoe8I%7aCYiRXRi1%7af4m%79xlvXxxji1KEt7qKSK049u8FWErG9IjLtVJi6wjDD7O5Hq976S.j
.tradetracker.net/ Name: __tdat27843
Value: MTcwNjUyODEzODo6MTI6OjE5MTI2OTo6djAzMDQwMDAxNjE0MDk5ZGFmZTQyZWY0NTQyOGE4MmRiN2RiYzA5MjA1ODExOjpmOjo2MGU2MWFmZTM0OGQwODU3MTQ2ODcwNjM3NDc0YTI2MQ%3D%3D
.tradetracker.net/ Name: TTcst_167422
Value: 12%3A%3A191269%3A%3Av03040001614099dafe42ef45428a82db7dbc09205811%3A%3A%3A%3A1706528138%3A%3A27843
.arc.io/ Name: widgetOptState
Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222024-01-29T11:35:34.760Z%22%2C%22dismissedAt%22:null}

88 Console Messages

Source Level URL
Text
security warning URL: https://turfologie.fr.gd/
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://turfologie.fr.gd/
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/turfologie/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://turfologie.fr.gd/(Line 434)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://turfologie.fr.gd/(Line 433)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.cpmaffiliation.com/103839-200x90.js?rnd=19372874702, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://turfologie.fr.gd/(Line 433)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure script 'http://www.cpmaffiliation.com/103839-200x90.js?rnd=19372874702'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://turfologie.fr.gd/(Line 433)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.cpmaffiliation.com/103839-200x90.js?rnd=19372874702, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://turfologie.fr.gd/(Line 706)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/turfologie/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://adz2you.xyz/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://xml.adflyer.media/redirect?feed=615322&auth=N0hVKw&subid={subid}&query={query}&url={url}&default_url={default_url}
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://xml.zentrixads.com/redirect?feed=626947&auth=1MqBAt&subid={subid}&query={query}&url={url}&default_url={default_url}xml.adtube.media/redirect?feed=615326&auth=JtCpiL&subid={subid}&query={query}&url={url}&default_url={default_url}
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://example.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://example.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://example.com/'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://xml.infinity-info.com/redirect?feed=634483&auth=gPnHL5&subid={subid}&query={query}&url={url}&default_url={default_url}
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://bitporno.de/assets/images/ui-bg_flat_75_ffffff_40x100.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.myprotein.it/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://xml.infinity-info.com/redirect?feed=634482&auth=JoigQT&subid={subid}&query={query}&url={url}&default_url={default_url}
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://adultpornhub.com/video22.html'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ak.whookroo.com/4/6600082(Line 55)
Message:
Blocked form submission to 'https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://ak.whookroo.com/4/6600082(Line 55)
Message:
Blocked form submission to 'https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://ak.whookroo.com/4/6600082(Line 55)
Message:
Blocked form submission to 'https://ak.whookroo.com/?z=6600082&syncedCookie=true&rhd=false' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=OxjUqxg*ves_0&ci=-6215771495585878220&t=1065835609&h=58(Line 26)
Message:
Blocked form submission to 'https://xml.green-resultsbid.com/click2?i=OxjUqxg*ves_0&ci=-6215771495585878220&j=rv%3Db%26ss%3D1600x1200%26ws%3D1280x215%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D4856%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3D%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26nd%3D6%26to%3Dhttps%253...030107%26tz%3D-60%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1280x215%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1280x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://filter.realtime-bid.com/filter?q=best+deals&i=E3174QeztaE_0&ci=2496140640400491883&t=360059851&h=58(Line 26)
Message:
Blocked form submission to 'https://xml.green-resultsbid.com/click2?i=E3174QeztaE_0&ci=2496140640400491883&j=rv%3Db%26ss%3D1600x1200%26ws%3D1280x215%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D3169%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D3%26rf%3D%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26nd%3D6%26to%3Dhttps%253A...030107%26tz%3D-60%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1280x215%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1280x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=RJ-b99orMJg_0&ci=8757753377156695108&t=1869367739&h=58(Line 26)
Message:
Blocked form submission to 'https://xml.green-resultsbid.com/click2?i=RJ-b99orMJg_0&ci=8757753377156695108&j=rv%3Db%26ss%3D1600x1200%26ws%3D1280x215%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D5361%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D3%26rf%3D%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26nd%3D6%26to%3Dhttps%253A...030107%26tz%3D-60%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1280x215%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1280x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://r.linksprf.com/v2/go?t=1tdp5%3A6%2F9la.6r8d4d8u5l3r3ccmbc7i3k9p1202453av1i1e326%260p9%3D%3D0%2601000%3D5%3F2c9l4%2F2o5.6e0b4o0e8aftdkdc0%2F4sat1h&e=1&ai=4ed0489591fc440d031d7aae&sct=0&ct=1706528135832&cu=974b2c536305480488f6dad90645ad11&ykuid=ad8a2792428942b49de9f2e856d2b526&sc=1&cs=80cb2391abab36a6a3705ba823ed9ad9(Line 17)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://www.raja.fr/?utm_source=TradeDoubler&utm_medium=affiliation&utm_campaign=YieldKit.com+%28FR%29&utm_term=logo&tduid=090d51c0d5cbac44a1d96a1d8c684e13'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://offmantiner.com/4/6120639/(Line 55)
Message:
Blocked form submission to 'https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=*pZQb1gtZJ8_0&ci=1480978845797766241&t=1294136297&h=58(Line 26)
Message:
Blocked form submission to 'https://xml.green-resultsbid.com/click2?i=*pZQb1gtZJ8_0&ci=1480978845797766241&j=rv%3Db%26ss%3D1600x1200%26ws%3D1280x215%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D242%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D6%26rf%3D%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26nd%3D6%26to%3Dhttps%253A%...030107%26tz%3D-60%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1280x215%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1280x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
rendering warning URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe(Line 236)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.
security error URL: https://eu4-de84.muggel.net/?nr=1&d=gmqE2rFw1GvXbtkbK82Vk7trZLJOnA7T
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://www.fuerstenmed.de/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://r.linksprf.com/v2/go?t=mtcpa%3Av%2Fscattawewr2cFe%25.3ep%2Ftc%3D2%268135m210%26b%3D79d2898u4h4tes43f%25dF924a6t0v0t0e0.%3Dr%26noatig.von%25oFDs%25em%256F%253GpOr6nDr%25id_3eStFa0FK%2522csp-3et2pmaciaavisnartvs3i4i0i1c1F0%2592aAe%252pft5%3D2%26a621b1dac29%3D0%268417u%3Dh%3Ftt%25nAr2k%25aFtwd.rr.nta%2Fis.toh&e=1&ai=92836828f09d4120880d349bb055dbfa&sct=0&ct=1706528136304&cu=99dafe42ef45428a82db7dbc09205811&ykuid=31377e91a45149eab986c5877b8878d1&sc=1&cs=78130b1d72a04623352c1858a0c9b67e(Line 17)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://www.transavia.com/?utm_source=affiliate&utm_medium=linkgenerator&utm_campaign=HVTO_ES_191269_YieldKit'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://nrebxx.romancedale.com/?utm_source=da57dc555e50572d&s1=213426&s2=1983036&ban=pops&j1=1&j2=1&click_id=HS1xq6mXQ7BWpywYW7GYEe(Line 188)
Message:
Ignored call to 'alert()'. The document is sandboxed, and the 'allow-modals' keyword is not set.
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/jGP2'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/FEXJ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/Lj3C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3ZLr'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3UK1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/y13a'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/jGP2'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/FEXJ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/Lj3C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3ZLr'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3UK1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/y13a'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/jGP2'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/FEXJ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/Lj3C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3ZLr'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3UK1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/y13a'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/jGP2'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/FEXJ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/Lj3C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3ZLr'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3UK1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR(Line 5)
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/y13a'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/jGP2'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/FEXJ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/Lj3C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3ZLr'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3UK1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://xdufs.sandothesooile.info/RPWOSS?tag_id=926093&sub_id1=604734.604222&sub_id2=3387144170917765147&cookie_id=55406ee6-b6f7-49e6-8e00-fe0b8803fe59&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/y13a'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/jGP2'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/FEXJ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/Lj3C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3ZLr'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/3UK1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR
Message:
Mixed Content: The page at 'https://pkuwp.sandothesooile.info/NTKDYO?tag_id=926093&sub_id1=604734.604222&sub_id2=3185201017279848785&cookie_id=535f1ab0-28e5-42b2-829e-aca7fd0ca547&lp=adult_light_b_full&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Folivedinflats.space%2F%3Ftid%3D926093%26noocp%3D1%26subid%3D604734.604222&geo=FR' was loaded over HTTPS, but requested an insecure element 'http://gdurl.com/y13a'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gdurl.com/Lj3C
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/3ZLr
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/3UK1
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/FEXJ
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/jGP2
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/jGP2
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
security error URL: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=tMY6sTbEH1U_0&ci=-691964770409688744&t=1579153193&h=58(Line 26)
Message:
Blocked form submission to 'https://xml.green-resultsbid.com/click2?i=tMY6sTbEH1U_0&ci=-691964770409688744&j=rv%3Db%26ss%3D1600x1200%26ws%3D1280x215%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D5419%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D15%26rf%3D%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26nd%3D6%26to%3Dhttps%253...030107%26tz%3D-60%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1280x215%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1280x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0%26cnvs%3D80808080' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
violation error URL: https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
violation error URL: https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://www.hp.com/qKmiPu/l/R/Ecu78VTtlQ/bi5QkScp2S/SXktOwsLYAQ/Lm/MbYD4vfCs
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security error URL: https://r.linksprf.com/v2/go?t=1tdp5%3A6%2F9la.6r8d4d8u5l3r3ccmbc7i3k9p1202453av1i1e326%260p9%3D%3D0%2601000%3D5%3F2c9l4%2F2o5.6e0b4o0e8aftdkdc0%2F4sat1h&e=1&ai=4ed0489591fc440d031d7aae&sct=0&ct=1706528135832&cu=974b2c536305480488f6dad90645ad11&ykuid=ad8a2792428942b49de9f2e856d2b526&sc=1&cs=80cb2391abab36a6a3705ba823ed9ad9(Line 17)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://www.raja.fr/?utm_source=TradeDoubler&utm_medium=affiliation&utm_campaign=YieldKit.com+%28FR%29&utm_term=logo&tduid=090d51c0d5cbac44a1d96a1d8c684e13'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://gdurl.com/FEXJ
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/Lj3C
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/3ZLr
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/3UK1
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/y13a
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://gdurl.com/y13a
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
security error URL: https://redirect.joingekko.com/monetize?queryid=qhsjgxa3xfug2wjjyzmjb2xlqu&b=irun(Line 5)
Message:
Blocked form submission to 'https://redirect.joingekko.com/monetize?queryid=qhsjgxa3xfug2wjjyzmjb2xlqu&b=irun' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://r.linksprf.com/v2/go?t=mtcpa%3Av%2Fscattawewr2cFe%25.3ep%2Ftc%3D2%268135m210%26b%3D79d2898u4h4tes43f%25dF924a6t0v0t0e0.%3Dr%26noatig.von%25oFDs%25em%256F%253GpOr6nDr%25id_3eStFa0FK%2522csp-3et2pmaciaavisnartvs3i4i0i1c1F0%2592aAe%252pft5%3D2%26a621b1dac29%3D0%268417u%3Dh%3Ftt%25nAr2k%25aFtwd.rr.nta%2Fis.toh&e=1&ai=92836828f09d4120880d349bb055dbfa&sct=0&ct=1706528136304&cu=99dafe42ef45428a82db7dbc09205811&ykuid=31377e91a45149eab986c5877b8878d1&sc=1&cs=78130b1d72a04623352c1858a0c9b67e(Line 17)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://www.transavia.com/?utm_source=affiliate&utm_medium=linkgenerator&utm_campaign=HVTO_ES_191269_YieldKit'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ad.a-ads.com
ad.doubleclick.net
ad4m.at
admediatex.net
adnade.net
adz2you.xyz
ak.whookroo.com
analytics.webgains.io
api-marketing.milibris.com
api.webgains.io
api.yieldads.net
arc.io
as.ad4m.at
asrv205.com
assets.ad4m.at
baddiesporn.com
becast.onionlive.workers.dev
billigerscheiss.de
bitporno.de
blogger.googleusercontent.com
campaigns.milibris.com
cdn-binance.com
cdn-dimi.akamaized.net
cdn-eu.dynamicyield.com
cdn.cafeyn.co
cdn.cookielaw.org
cdn.track.production.webgains.team
cdn.tubecorp.com
cdn.zblkqa.com
cdnjs.cloudflare.com
charmgriff.com
clk.tradedoubler.com
cm.g.doubleclick.net
code.jquery.com
collecte.numeo.acpm.fr
consent.cookiefirst.com
content.milibris.com
core.arc.io
datatechone.com
deli.misaglam.com
deliver.adnade.net
dsum-sec.casalemedia.com
edge.cookiefirst.com
embed.chatlotto.de
eu4-de84.muggel.net
filter.realtime-bid.com
fonts.googleapis.com
fonts.gstatic.com
fusilare.com
fwd.fwdtrk.com
fwdtrk.com
gdurl.com
geolocation.onetrust.com
gis.goinstore.com
go.mnaspm.com
googleads.g.doubleclick.net
grow-platform.tradedoubler.com
ib.adnxs.com
img.root-top.com
img.webme.com
imp.tradedoubler.com
lesbiansextube.com
link.joingekko.com
maxcdn.bootstrapcdn.com
my.rtmark.net
nrebxx.romancedale.com
offmantiner.com
olivedinflats.space
pagead2.googlesyndication.com
pkuwp.sandothesooile.info
pubdirecte.com
r.linksprf.com
r.secprf.com
redirect.joingekko.com
s.magsrv.com
s0.2mdn.net
sc.tradetracker.net
sobisy.com
sparkasse-fickmuehlen.de
static.a-ads.com
static.arc.io
static.wixstatic.com
sub.adzgame.com
such.de
t.adcell.com
t3.gstatic.com
theme.webme.com
tool.hubu.link
tpc.googlesyndication.com
track.webgains.com
tracker.arc.io
trackingvo.com
trk.makeinsanemoney.com
turfologie.fr.gd
updatessughing.com
varcuringordsetts.com
vast.yomeno.xyz
visifeed.org
warden.arc.io
www.1clic1don.fr
www.awin1.com
www.cpmaffiliation.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hp.com
www.linkbux.com
www.linkredirect.biz
www.mr-shop.de
www.myprotein.it
www.paypal.com
www.sandbox.paypal.com
xdufs.sandothesooile.info
xml.adflyer.media
xml.adtube.media
xml.clickmi.net
xml.ctrtraffic.com
xml.eximdigital.com
xml.flurryad.com
xml.infinity-info.com
xml.mediacpc.com
xml.rtbfactory.com
xml.thenetwork18.com
xml.xmladsystem.com
xml.zentrixads.com
baddiesporn.com
clk.tradedoubler.com
content.milibris.com
fwd.fwdtrk.com
lesbiansextube.com
r.linksprf.com
sc.tradetracker.net
sub.adzgame.com
tracker.arc.io
www.cpmaffiliation.com
xml.clickmi.net
xml.eximdigital.com
104.102.45.165
108.138.36.69
108.138.36.78
108.138.36.89
139.45.195.253
139.45.195.8
139.45.197.245
142.250.184.198
142.250.185.162
148.251.152.47
149.56.148.224
151.101.193.21
163.181.92.238
172.64.151.101
173.239.53.18
174.137.133.16
176.9.183.55
178.162.223.113
178.162.223.114
178.254.33.33
18.169.9.11
18.185.82.92
18.195.71.253
18.223.141.84
18.245.31.69
185.217.104.157
185.51.218.247
185.89.210.82
188.165.150.178
193.238.27.28
195.90.208.185
198.134.116.28
198.134.116.29
23.239.7.51
23.50.131.94
23.53.40.17
2400:52e0:1e00::1081:1
2400:52e0:1e00::1082:1
2600:9000:211a:d800:16:e6fd:1a80:93a1
2600:9000:225b:8800:1e:5c56:d400:93a1
2600:9000:225b:c200:1c:faf:c240:93a1
2604:9e00:1:129::2:b0d
2604:9e00:1:129::2:b0e
2604:9e00:1:129::2:b10
2604:9e00:1:129::2:b12
2604:9e00:1:129::2:b1e
2604:9e00:1:129::2:b1f
2604:9e00:1:129::2:b2c
2606:4700:20::681a:ad1
2606:4700:20::681a:cd7
2606:4700:20::681a:f8e
2606:4700:3030::6815:923
2606:4700:3031::ac43:a2c8
2606:4700:3033::6815:2a4b
2606:4700:3038::6815:ea1b
2606:4700:3110::6812:3b96
2606:4700:4400::6812:2089
2606:4700:4400::6812:2233
2606:4700::6811:180e
2606:4700::6812:82ec
2606:4700::6812:acf
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:6800:3:591::2
2a00:6800:3:a0b::2
2a02:128:7:4966::2
2a02:26f0:3500:18::1724:a296
2a02:cb40:200::242
2a04:4e42:400::649
2a05:d014:286:3501:c236:acb6:449f:1f92
2a06:98c1:3120::3
2a06:98c1:3121::3
3.75.56.58
3.9.158.88
34.195.224.242
35.204.82.244
45.133.44.24
52.19.138.177
52.28.39.71
52.29.28.3
52.56.219.216
54.225.185.110
8.238.190.121
87.118.71.104
95.142.100.82
95.211.229.246
0124b61c4e6df0402766c401694f894c3875b8a6c022b5997d3313f106c83b8f
01618bd4253be3d3e6c0b5ee0780d67357b02ed57454b6bb8d9ae05be90e0118
025438bdf59d78a9fc2add3342ca592c85531f6524f018f4b7cc54f1d0f9f400
0722ae40df7755ab819b4b15fc12e7368f0baa17b030a3a932ca8675fd72b730
08b2b0e1b6afeba1d08280455d76eb0a88f3748ddd5175f05c993e556cb20d9b
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
09e5aa67fb5fbd8a3f2f42bceff88b46b3f1fe5259144b529f01f0bd4b0fbced
0a79c3fdb375a4ac5bfc07e870b44ced5770cad0afc04ce08f3c76bcc1bd24e1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb8ccc524ca731d711691d2cf0f83f03a18c6df4381ac5d805f76245e2931f7
0cc33061643ee292b57644ce6232d70326347ec1ff7ade7781dfc1b91dae7913
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0df4bc56f49b9416349558d709ac73832ec911c652ead56eb2cfd1d58ad56a9c
0e0ac2f0cd6df430181b3abab672c7442bb1b06d8f54e52c4d6e3eb475ef68af
0e9631c4fc9147d5c97a6f68dbdb6fdea528322bee33566c4f7ed888cb7e054d
0ea7335c735c7b0e088eea04b08065609a7d2a88e0ce8e8d5c64894bcf9cf9cc
0f004b1bebec2e87d92ce29fe0c89d173096e488933409f13351d503d456c1c2
0f5fe767ec60aa4b60c09496259716f16d914bc3588105ab8e6a55c876870c9d
0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a
106e66b12731a17a035beaadac3fc923237a48510b4fe694e846da68a5e343f9
109f6b3eb28407f4550623d2b245d13786479e7e9e731b78a3c063b25696d766
11d7244474597fae03600dbaf51a0289d941be278090581ab72f23db38a9812f
127eef90ad478ed2f4f646713a6e90e7b2b203c3c3e0731f09158b1c3c5c21f0
1354d919694f2229f1055aec5fe92102c59d7aed474b60a13de761780b38b45a
155a1b3bdb0f9cef76a2be1fd9284d50737dc1c5d21ad50308745ac2d8d933aa
159853db9ab81a3c75aacd096aa7ccd964c5fdff6a313cd281f1e15b37450d65
15bd5e46b9a40115a18b8c72b1954d7e9aa86013f5453e8ea4428fa68730f693
15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
162db1b2290e1f0e1b97147018c196b812a944323fc66287883ec86a81d698ec
1666ec75f3cb121771756e411f628196bfd832b35d223d84f0fee320aaf05a45
16c7503206f9bd871bfbbf75eb991b37b0d8a77d32efa2f07c79348ab88ab04b
170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f
171c28a4d21a547826bdcb4b788e9ae81fb9f72d23d34934388cfe7240881b79
171e2569e608b742edc6927b3285c52256203a6bfbe958f35d78f59639b6fb66
17296011d2e1ff2784737023789e0e3821d9b09e5dd0a6da7164a020fe4e113f
17db6332b26226b212181ef09e92805118dbac154876b7df2b0a024bf02cc465
1828021a69dcaa7ba424251b9627a9af8515e7dc061ca31a387636db1f075f27
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
196691e923854e4e4d15c26be9d998bc8e2588c2965221e26e80301ac01e7d69
1a195c6ea9e94c5ab1e402e06e560eeba42037b022e2163ad9ad1b9d654122ee
1a3a3eb93d9b6ffced0ce13a8e186a7b97833313cd12115e2ccc708fe4f5197e
1ab0b4fe8e006ad238509e6f8649d1eb27057e01b85be4f71d7e38494167a10c
1bebd77ee7e02febbc489525e4cbfc1336f8ee18629a41ee4d2593b49591eed6
1e82c6c07589b43a339586a5df37180d5417494c49a8852153c1d1a114d31f75
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
1f418c444a9efe0567ec74f94202d33d0e462f3debc5b88eb18c15c732d474fd
1f58ad20401510edd2468f72cf3861799e220ab6ce5f6b1ae30c7ff8c4439af5
1fb0a580c99750c2747697cfee51e4ce88d2c2214cff33d1d88ad5fa7dffcf7c
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
1fd6969927a4a317c74fd5afac662d8cc4ed463a3bfa0e8451727b190e1b94c6
2052b7c6f11b588b309d6f4edcf6e69e45636eac4d55c7786c750ebdbf3df82c
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
23d7ce986c8d9b7e7a58cffb62d3592d91343e152fe4de7cffa87a2c1af591e1
2457c6fbcb1c05405e74e35a9a106936c2269310edbf81951d19c0ff061e725f
2473cc965138dc8812b4d0c859cfc515520053140ee238d90bbf8cdf0c78aae5
256da8225f771c00efc3840bdf4a86b7eb748c738ac43b8b0312086942164023
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26aaf37a953a5dbf97ec3326a17435b49a3da008bc0597342a2595fe369bad0e
26f73441fd9402414df9acd76ccca71eca14931fd75153e50c32ce3a1f4cb466
27ad1f5c6e5277c57a2cbc627a025f4dd2d5f59cb914810b94a63844ded1306a
287605180cd13181651cae4edd377be5a63cdd2ecd431c9e07bd6ccaab6c2f5e
29287f0ee27b9f865409fbc1a40b1d61b7a4fadb90b7c8c38165da62d04d3958
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a92fb119d491db997c85e92817381a68707486c1a55293827329a548c95217d
2adcab6f6a7e73d8d54f732e1e35f553bd0d768350f79f747e3951a5366b04a2
2add0e4009bce96985012f6401fd770a91e3cf4e88baf75196e5cf82574aa3c1
2bc6a125d698416498cdf5ef60cd959aef01db95a6e3e0d74a95f9b6d3d78feb
2c443f66a6bd1caa9ba9371084fb82bfc6ca6266737c48dd76e68d6543a90320
2c9836a2a41cf3afb88e1ec7eb190dfab7ca158f0dea35953121b798559c6d4d
2c9bc45b0b427613aee21fad37d3481c180bcec47496e336451f0c7022274d25
2c9c5820db6f7a8a6c3912b60454a491326c2712a0db3ba10c751b0bc3816469
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d
2d6a7968c424710f382fcd2a49e839277171b30177de8c8e2a19e740d36ef246
2da6c5ad38b91513fa307a78e1e74d3f4a1270fa31f061db57c54ab4f0ea68bf
2de09ee2e42e35be1d489823ca2b442906319a2bfa9c2927bae84f4b7065389e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e20dcd94506cc566113c0c31511dfcaf6240fe5ae562a98374fa841aa4545cb
2ea70ee1b798710f887aefe1bc8f178f3aee1c99f81a6b2910599a45c8fd9f95
30396828f2c2fb5e4e4d9c26b0286552cf17243411ac0d5d8b97e1fd9a7595c0
30cb2bc81a65120d2d982b5c00d9172887eedc6ba3070b4595efc676c0188eee
30f1478485f21c28becc24064c4c611cc546d93dc273edf818a834ec5a8bc765
31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a39e1cf12f5dfbaa8b22ce4c1ae1b1cc6e944427904c30f353b260c9946710
3356bfa621dcadda9484a7ac6a9d702ee41301abe74951602177b91f85883f37
33db468176c7584362ee0201b08118a53b5679f9953195323eed119843941795
341b47375047ca02320ab81c5b88bfe214153886a1f215f364ba2b6da2ded7f0
3453c7dcb2634bd70780e614fd7b497a7f96bec63128af9e419521798d090db8
3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
361813deac3c28bfd607552f547f9db5756eba7bf416518557b3bdd12b1a134c
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
37a3a67382c030e972bc0694d6d0628410b82c9ed3235d3424e6d1cf0931dc1b
382626163e578f35ed52c94bbd5720323c0ce4bfaa29d6d404577894e9f8227d
38c9ccb08d00d86be48e70de040966156de1617579ec8756d9d3f605fece2df4
39811cdfd6454046b9a69042fe5ee98adbc9d213b11af9917d2b45a8082504ed
39bca72040cba117877b71400b86e37da57766d1695c4cc1006210aa2bbafea1
39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0
3a6153f6f1be6d37e9fecace5f213d6886863553c296d7ddb306c529a24aab75
3afaa830a3aa5d42db9b5201fff4a3345c6f64054f0930e4daf4831b85922137
3cab4848dfb1248b123a2c758eaa4d1b9352ddc4c4e82cfafcc4743dbca45ebc
3d285ed1fe07a83d5e1bf07ea6286563c6f1a34d9fca06fffbebeb5aab9d029a
3d3e65da8cf43f7b7163135b03dd8e46916d162621d5a670db38ea19f3819551
3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818
3f1bd64cc4220e41061818e6c84e46fd6c439dcdfa6f33f1ca2d91cc8ac72f76
406e05680bfcb14ec64f31571ff3f8b8977cb997d4668179fbb8fb40560ba4a0
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41023cd20c8d354cc436f11aaac789e30a623305af612ef8d0adf365592dd671
413c333d4c8bb2b4ef668369cff5bcbde554f6b631fe2376fd61a4691603a8fb
4169907e3ffd9950d6d37067050ad613eece0e7c723cc35eb6a7ec9cd4087ab1
423c559de3422e758482c643fe8e464dc9aa3a4796de6aeac7b5eb7097aee345
42b5be285db123caeea39eeca44e1fad72eac7fc665eebee0908eda167111ee8
42c8bf7a875c847e20137487a20e5a6aac836b56e63ea352febc3b616bebe1d5
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4465ae539c01e67a60534fe1492cf9ef7c7d6c6afc1b5a997b3c66a007650501
4567b51bc54a2faa50d07f70c55d3e1c96bb0b8a6752310e3659e0cede3133c9
461883ddb966b115df5d132b4d91bbf74e88a676b29a3e56c12a78c62da8020c
464554e779bb3801af351fd2e13167ed80327d406f060d6547fc103165e3d523
472ef1208e98fdb6419249c85cef81e083b3e6d4b45f41bf85c862da882b87cf
47df16d5899177779bb1334927e34d5c7e70baaa7b67aa1bdb594e88fd927586
47e6c644b1ed5dcc9721467011aba1e2d27bed3c90608daddb0a728fb33b4418
481b59df658798976cac8d5f526fbe43d06f736503d315b31629cf14bac2d06d
48438a48bfcec8017ece6d6b4d132be283fe7ff7d07190211ad3b3def726cce0
48baa7c5d07e1226b4f45ece050aa7be9ad16cf5f31e6b6cca4bb71e5a2b0e80
49b217e1a416ae8d6cf238dbf0cb9f8bd0bba25fffbb72a68948aa7267079da1
4a3596ac1a9aaf77a7b247c7d78944f5307a4157b02c637b67c71ff8714dd542
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b70f177790774d42fdc77ce8c5d03362e9e638960248169ac6d42cee3442e3b
4bd5a3e93969fcc0fbdcdbbf53e2fe8d380c447a7e2d29c286e557aef08727aa
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4c9d6181eb4c3d135d54ec93522e2afc290c65b172f2426358ffcfb19020dd6f
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d06e8fc97b79c64e8ee6f4b18ab1f8a87e5152e67626175fbdd8d1be134a29c
4dc3c993cb3c2d6f8281e8689764cc607bcb0431d754c85eded1b766369fa275
4df40eb5ea4d60ae2f272fe1901f74111ad3b37be2e16320533006fa39934e36
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed2ace6532520a4ab797b8abd983ec368a6613efd24f133f41661ff25477d16
50d520806d55eb54fff829764da81ef097da6d8f789a8cb1a516bf8cb7c0dd79
511b6b281e846aa9ddb481bc88592b025b999d11a448f4f4c1d57c5743482d29
515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553
526f9e51eb53bfdfdc6de46e24e8cf1097861f6d9592aedff82cc0174099d7b6
5282d31bd166c830f8700c842a416f1937fe3b070c60786c979b835adb0b820c
5304c232a3bbb68709a462a527c728f73c356f095fddc8970897a94c884711da
538d3a7186d87e07c88995d57d82c1045c1414f8629ffb877f9a2d0808bfb853
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
546595e728064976b542f401ad4e34a504d4abd044bb48d21990f6bae781eda2
54ad7cfdcc7748fb783d92d9d666f5759a29bda63e567910ce1cf8eff6967896
553b860f94773ca8e317533a2d099e9326f369792cd4cb21052c0cb5d5f80aa7
55df3c8eb1080098bd62f7ad163e39294b4c5576941a241686c909f7e36dd8e5
561b2814d3c09e62a92442c946307918f7f63f833c84876c08bd4c406767e53b
56d7ed4de9b9f5aeda1987f4d806b81317c2959ef70c7d20c2599576c9177f71
57b96365cdf27fd16b11c7e205483132d52ed7fa4c663f1b73d2d00d520a157d
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
59c57df5a8d966619ecdf842d530daf1ef23fd07e86ae03a655c648a8e18055c
5a848bf717de0d02fb36feaa8aaf23866f2ca1f53c02136e6bc369c3567a70c9
5ae7a1adba46f58f5d59595820d30f22673c04f6f3b54ae1f220a4a49cc7ec6c
5b7d7fd7f64ddee014613b92a0276242a4b0baee340c762dcad4033a2bb25df8
5cad6ef2e9bd6a17e8baabc3e42a2654476e4acff6122fc4443bacab531e4edb
5cec734d0e7cda885d52e7a9a80fcba8aea44d5ef91f7c6678c024353c508203
5d7d1e86683cdbc6c8ed254cbc859c4e8970e78a578457c14b9644941317a73b
5e37d2be701c29dad961e773416506081bb5bffc923fee65e0312fdc09b31128
5e6383aa6ea59d91ca3f151208063fe01f3f9260e166190ffe0d866458e93ae2
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
5fcf725a1251cb6247ff7518591193a0bd1ccb54715956178182b8464dd323f4
5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
61223f88ea413a6206c06b7189d83809b0fb37a77a3e1e979d1d97f130a3ac13
62a3160051eeb5c2387769d8d99a3c8cee9657201a3ff350f847a7e0dd854d97
62e277aef05362bf78e2cf28f1304d504f018a89420b796e21a7d4791d8e8af5
63ae5d14ceffc2560197362022f839b1c6418420cf035f90efa1d58fdaaf6911
63c3b80f1b879c4df231b7917c0e57410c19defbdb8d908ca8b823b18cd9c137
6461b3dc9fe530e158f951cc9cebe8d0bcdee07bf7ccb17bd3e1eb68d5fe2bf4
65138a48b724e8ab3a71783ad462dc20ebe73578473396fd8e67034014f98d34
659d68b537f0ff7524f89d54c1bfb2a64071e1d51884a0b442b187b96e6f772b
665ef317954f751907de55c03c7ff012bfa25c7617dd61d542edf7aa1e995053
66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688
66e4b46c95d714df8cb550a86d1fdfc4c1e462e422d806aa1249a8b5e1809cc0
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b09c581d98c57faa63e84fa1726be83c87f1389b467e505c041d9724fc745c7
6b43f8efa0221318c42ee6996ccd4f4763fcaa8cb6d22c3b3933ed827aba65dc
6d24ea0046bb6694e1802a80e38aa53b711d697cfbc637447ba26368ab2f02ee
6dfc010eb843409845241f4c85d10785329a96372ab01ff75df1ea6e171af65f
6eaf4eaca19e1ea739b24e3ae3ea55cf0df20d6e67cb4bccbda6b2847ddca6b5
6eafbec64e77f472e4720532746f058934cf0ad44f1f3a25d9dcb5e26a545d37
6f2a0cbb329644ec82428cdcd25e34d5f533969bdc69091cea55be1edf348083
70a113ca852597a7a4abaa67ab33fc17d2d2fee947201623481719ca92b23e3f
70ef650c159e57f15f2520e87c47bd035b62a0b31f1d137f4d17ed2012f34970
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
7182d8b40f23d54f57305f8cd170153c0b07b257bc15194b7af01e5d72128fd8
726b0117696300bc3fb485c644eef8ff75a426e5857df9268c0340b693d43dc1
7394eeaf28b5df7e74fa81967eb75e52a9931abe1eaa34b30ed39f8f80a2c104
754810170b684332f007972bfc21867def70409a279101dfe4410b63db0bc28d
75a9042147e6a457a72f68b5e60298c643057ea87600c57f4a84340688763a24
771378fffb5cdd3dc6fa23db24c53bf29e1271249b2997ff23ba108f9ff73fa9
773fe71364d7c47fe5970d37a4b183ce6c60dd214745af7ae7ea3c37ec40b8e8
778aa4b81cf3e0bbfccde36672efafd9df4de3e3c16c9aa679c1129bae4f543f
7799629aae021a3a35e6fbd0f2ef797dc996d8172903fac27c111f992a39b430
77cd5f831df132de38f64f7962efccaf024e928ed409484220ff30eb80806ec6
7834dd8237c2ca7c60942f20496ed03f84bfbae77c552e4c0a93f0cb1ebd392f
787d44653b810f39b2ed4065d59e7a23d83af7ce4686de0bca2147c3147718b6
78b4b0a8d79871622d9506890d2cd5764fd937e24d99133d42d30851083d2d53
7959ebc8003d0baf6009bb9d71f98364429689466ecffea56256b6974afd6cb4
7994fb3797d9a08ebef8afb97e37771fef5829a56bc4d461e2c087bfdfd866de
7a08b2f76eb569eb3857b5c099dfda1de4d8bbedc0c1222311bccb0e2078c939
7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00
7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08
7a603c398a002f9f4b33f766f25f5f1d05fb29dbd49a22e431be0c86393fdff3
7a7753159ffd7b71361c9a3e97c1ab2f484481689834ee1d502e7bc844dd7008
7afe4b232e5895a661e26d445f475b4b60166cb5526687f6dd49b7fff2ce6264
7b622631318fe5d20460a1c1a10437829eca4e41844d79631e9fb03108537e9b
7b73e2c891cc251104ef770c4f589cb07347cc20ae956c53b185f0a1c9a3cc47
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5
7c588f1cd3e8533e4cbc5aea523264aba9a0ed9e9e0f54ce31f66988a2fee389
7de78518bec6f905ce315eba5bc7207cfee92762da2654a2f1dea6950464eda2
7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27
7e56ee982dae9d74289b3b2e2ff2ed5ed11e63f650fd4b32b6e752d3e9ac0c18
7e9c91107c3bc07bd3d3b7479fe5fe7af1e8d3e2a48ba6ca80af70b51bb6a625
7f40bc2c95ee280de5320ae7d33f2e57eeeb0cda5b5820f2c456a0c9ba50ed77
7f740f92289b334ca0ea7383fd4117bc8fc798163faec316a7a98624e0c55aae
7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81050509922a7682daf67564ce2f66b99c8f4074013a5fef0163be3acf342477
810ef899aaf5ddabf470f55c167011ab89473ba84769a938d79924110a95e7c4
8155b8a9939a2e25d7b2661536aeaecb084958e8a0b2224dd50e44db9860a68e
81ed2b079018e722b7ddd489c3c365ae505f53f78b8aaafffd94fa91d3b987cd
834ae2223381d42387cb13bd26cf384e637f79dc98d274d470d514b4491ccfc6
841b8c3e366e5951513f96d9c0986b220b0c08ae447ed19d8c43fa5abe80764d
841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b
843cf53ffec1cba4d93bc2bcc54e6570b7995d1be89015902df534357b9268b0
856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
85ea6ee808c9f5e184ec408a2c685542bfe07f26de21dcf23f06dc07a6406d7c
85f83bbe07d381c50827f9b52fdefbcb0474974953785dba152d7d556598d3c1
86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96
887ee4fd5820088063e31ee2e61869155c1438e27e9f1b116d8fe3bf60829ea7
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8aac137f84190a091926f566927e9b585c90dea37cb95ccd7cb2f68fda0c01f1
8af11605f0fea437a3440848f4f9ac9f2f0fb40b7c57bb92539ccabc42c4ae53
8b0019948b179d30e954e6f85ffcca80332b44108ae41ef36789032420c55ee4
8b7addddf8ff620b9e0449bedae9a17f259c4356f1d046a9c4037b3a8dfb4090
8cb1c020793621bdbf546362e835626223e7b1d28a8054152ad758cf81ab9aea
8d101c1a0d579f418a66e054a403dff556c002ad77a7543b75a379cbdc91b014
8d278a18ac485ef4d26e0eee4b019e5195992768585aa7faa77878d2c4f569d9
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8e20ea5f9720a9e80aada260e88b9c4ae1e309dd59f37efd3a79fb3745b7812d
8ece0425b295473c83b4ecaa0b56aa3098c0be2f8e596c5e3bd020d9ee4ef069
8eda3710ba11425b61205786e559b876e8e84db71fa40b263b4142c723b8f452
8f43a236fa4ace8a54fdae64ae08c47b986ce6011b3a7dda873fead7700590de
8f5680c3e7647640b6ed02de01e6d2c77799917a0db757f670c60a372b7b4369
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
910a016679ad5f8236e3a355f6df70d3372823ab1ef054d486c0e7f9e4b957e3
917aa980e560556778d5cc9566323f36b58f3424e6e0a865ce0bf80933e39bd6
925f925e1bf602978c696597dacc5ec9312041c64ab8223d81821088b86675d7
93065ab750c1916d62bab59ec8fb1140ee73b5a0908f5da7a983b83fe623b3af
93165aace1056597b5345254f74f3dfb2dc49c69ea49a3e0683a33649de592cf
9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0
935e69a0b623916790bc4ceedeb1cc3d0918bf6fec70f82331ecb72c8ac375d8
9564a625f9fa72d08033f6e96cbae5a8177c87bfbe5bf08f419b7fa1baa72056
9718582cf0d10e9d0ed8be3781dba0969b8a7f07b7a17dbafd4544e36f6d5090
97205041759d0463b2c2849f7275898fd81a783165f9ad4b22162b6f2beeceb5
978c08d60d864b0cde74f51bc5513f3001799f8cda37d276812292449e5f7422
97ddaaa91b21a9a9980d2eedf7c971dc2ee66757675c77b07cc039d62975cbee
988bbd699c543f1fcb84032a54d5011bd328964298b1b4568d477b76f7358bef
9a1a49cf92c764a0f9f2abfad4267dd4fbb91e80b27f59d07cfff5274ebcfa1d
9a255011f1b90371fe4135b20812d014249d15c0f93f64f72abd3134a1fda1d5
9ad1049fcb759fc4f80bac0b8e7872eb695c31e52cc1740f3c3684976109691c
9afb5a653d5ff3a4bf3416074bc0cb473df67588b2a615c88198beb0b9e3d883
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9b0c0d2a8f6bcda99c2333c8c387d9b6aff2f00333aafa9d66fcd34dc2a4c7b1
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c3f3160ec59a364a8c57f757bf7b1121fedb74ecf6ce743790adb7f30784a95
9c9087725aa398daafc233c4914a35cbeac197ee37a8fc307db8b4352e8679f1
9cc501506a01eaddcd06d98c058453930afdf2190744cc38b3289fd8e7320b35
9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15
9d9b1d309fcf756e2bd55c15e3947b852c1c9c2a8310cb0aaaf4ff3f2abc015c
9ef4eb999d7dc95df9aab67fa54ce4c856555c3512b4e59e126460811031b03c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02b1a56abae3103f00d66b70dce57e122d435a63325e71a2cda31747c5f6b20
a0750d4493debc5e7f2ba3efde7073f485c0db4f4745da0435ad51d4013173bd
a0e3da3ed45092c28472ed34cd0cb5d07b2288bf8b99bae0ae010d1827ed69bf
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a155eedfe6ef04fc08acb346867c9909ec60d7a5168579a2caaa5b90a5efe5e4
a18c8c5d01af4a628131bafde03d7acde117e983419b15497f49a92e6279fc99
a1be00ce5106c2dbd00535547ed4bccd759a94dd65a4cb6f266b8745df18f07b
a1cabad8f808c9dbeaaed4ed2bb79519c5a0b441956a485a02a9c046013f88df
a1d4d8ee7ff5c687ce310fa85f4172bdc750268aa1932b27d253ad06dc40dc1c
a3a8933c5d492ab658fe1f1d44e3b0d8d49f8361b1060d7b42af27498b4fc7f4
a43efe885ce55d0a50fae05e794eeb0b7dbd0599d52ddf835da15f2c6755ea8b
a4404de08dd9d3e5cc8d686d0cca9171327724ea9e1aeb3b4d1adeba61d39923
a4c250889658504fa7c1310fafac388d451a64a892e513f59ce06e674c97c248
a57b94d17607a20f950a44df62201adb5c9cc3feae549a2aa7943b211f763b94
a6499fa2053ae92d979b0ee3d129d94b1b42427cce83c3579da01e1df1e03333
a8bc52c1b7699473e083dba1d954be18c2af142445c326b5442538ac4efdaafa
a9797bb0d5738127a891423840c42b00e12d13af64f088f6a4c619f6358c017f
aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3
aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4
aac08e0082132377677adaf138caf0bb9c1014086ac41733bb67f3116bae2364
aafb3e97dc39ce5ce919ebfd1135204868b9cfe049e4651d63b693fada871f1c
aba329695897af7bffa4d282dcf3573d0463f847a01f28efe7c41aa51beb41ee
acb16fe13deea088591a0041c3721b8e4dec91a7b54816313de7f6e23814d454
ad55fc50b1cf2bf76ee8d73f28be743af90daa4ffdc0ef2e63d0ec3d3342aa11
ad7583d5e709e244ef97e04b92b213b05b2f4fdbea178d4c10fdadd9efc4dbae
ae95dd813d041cbda8eaaa855f6950edb18d17090ca9f1d3257f68efc7e49bcf
af026ac65b2d339a1d8c00f8c78810f23837b3909087ff62f9cf7d9b00cd93c3
af40c3be0c65276c41db6bed0e54de7fec50dfe851b87938583bd102417f718d
af4bfc2bea6b94ea5a0b18b26a6e776d93cc8cb42907875342ee3c7e800c02cb
b12670e517c5f7a1bd17fda855343f57032640bb22dcdba6da78f5dfc68d28b5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b376b967cc897e2299dee4b9d0f57ba4c3593a62dc6d6b40ba96a2bf2145bb
b1f8e5df2ea8e7735c63689aaea200709ef1525a450f00a46bb689bfc60a27a2
b21c8f20dd5566073d0866d37787af516b358ba2fa72577612380a04c783595a
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2cbc3a472cb47beaa472ef9445e776bb6f053b311318948d7ebbffda0e02bfc
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
b37c8443c8ed487a8ea27249c5c748bf5d7f0021e6799bb306fbdbfc793cfc6c
b3f3e1b209eebcd0ae7a1d19aa7d7bc6a7753995a2e412a5933c97dbe040112f
b43ce1725864dcb1cd50a8046535761dde9e50658afc733c63bbfc468946f600
b51c93187fa1945ad56bf2b247e9160c0fc045cd21c004a1dee66602cf3cdbc0
b5ae1d95fa06016b422278b877198d5d3277b27c491d14c8557c4eb5d8bd2319
b73591b9b3e56652cd94798155b7048730a3e701902f080c6d95db44e6004538
b82d28afc20e615477613949f07b8a8864cf09b19541f413e14ff6e6f6a9056d
b8c33591d022950f84bc42d278bba901613d0658c419bbe5dd0af392b8dd2e0f
b9455bc7fa2544fea83bbe69418fa2231819e0f57b899aecf711d4e94b7ffb2d
b9a79114a98fa0ab402c4ed864457eed17733f48f1bba40aac82d80d9f0ff752
ba6b1a5bd1d87cdf970da0f31a5da84c3945a24894779f9b927ed4e9af6d6ea9
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bacbc23a0ae5beab4436552edcfb7f88dc5deddedf701d646392116f6ea2034b
bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bde76de760a9791091b371bdab86ce5e086d8ad4bddfe18b17ba7443bc39bbba
bdff9b4135d8f61acb5736216e3aee9e0aa887630db89846f4ee1bbce8369f92
be52a84cc53846e3fa0d00849551eb591328ebb11e44dba8d041b5d4ea36cdb4
be7c3dbbb8fbafe5a2cd498c3afb85da32856354c0482cf156797c07840cd8ab
c04327df30ed98fc66b989428216d7c79902ca09c6edbebd0b0292e8f19043f1
c0f4ee83035b0aae01cb3e29056f63469dd07bc0eb852410f83365b911346ee3
c0ffcf44b96c336b14aa356ab1884f378e8f0e4f35c8b79310a86b5171c5e41d
c2741d56df1615df46cb420a2c8f53c961e6665fbdd3d36d72c88f648d202697
c2acc9a63cc0a9b85b1eb0f8205ef8c4327806c20c3f4981b481192da860ff0b
c2cb613dc7654d3f357674ce1a09abdeaf39f4365820fdbad4ca4bc2c3a41edd
c322c6f83c6ad4eb1e5be2b663fef3852e70addbdc49345aa5ebe761b3e957b1
c3c8a840523cbfaf32de76e8decd6d6aa6a3914ea36f811c4c8b0a1190368ed4
c41175ddbba421a4203d9401dd8b6deaf861fe8a94de6119c184245e5644abb1
c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca
c4af77ef2821bd0a97760fd09ad351345be3cd2e10111759f304a0e7b770f390
c4bda55f972572bac18547b4ecda13c6d5788e25fdb1ddae0e3ee1c56e915774
c4d67d29cfa8ed5e468b0b9bd02bf5e66ef8994b4b0245b0e31cb72f642b4d1b
c6f62b777da45f80ae05b879db573a0f6fc5cbc351bc09a1d059e74976f6cae1
c70fdef209cafd69edc3772f7189d87ff99bb3c96f422103482d8fe58eb21aa0
c7f837ecf6d3bb1f7b5fe9d923bf06c40d635e3959fc164d81b3575210ad7eab
c81a4f34edeccc6ff9977a3a859df56c36e63ef132a20ec4bc82ef568b55f5b5
c854368f432b471ef7531c57e9b49eb1397ed7569dd29de9b7469e83477a6af9
c8e5eb70d0632dfec019600955aebe16aadebeeb27c979df218da1515aae84e7
c8eef62a31b18850097e892dc99ce4af5a795f451f424148f8463bd6b0162521
c93fecb64ed5d07ff64c5c4fc58e93c4db668ffc72bff3161685e1bd8f3a7a62
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca83240c05ccf168cf37af4e0a3c7aad972eba950e1a534537309627fc53373d
cb75e80cd8fb75d3633949a9957bfa6460bb27d1a6d6f6dc611c9d8c170512d3
ccb876c6f8ba24896d970330cd4fcb92e65ec89f14c4eab8208f7189008ad97b
cda14ccc17b052b930ef0688cc893d17861baa61753d6e9abc6f9009fd7e8fb0
cdcbb7ce1d42f974cd2233669f1d3ef225620f309d864bef1af16d4754d95086
cdd2c81aadd2f0eeb770acc7652cf1c421271c05886f0ef337264c6fada0e142
ce9ff15629c33ff6ab236dcafed23a486deea443bcd9321d7c04a57e4b153592
cef01656a78526a479dcd2182f25352b44ebc5abe039f608ac3210a949a4fc74
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423
d0172b3d0f42c368dd557f0da5eff0a43e2c82a072d88b9965753d7611e42ece
d035daf22a123ca8722e69b9feeda5ca16fa1959b0d66e5021e006b450cb8ecc
d08a2cb9ae91a52aa55f0e1ba880e051ae0950daa52336e5ce6b51e7d4c9f595
d0963e266a793bcf10ba3e5e75fd4a8f3cce1eab2d2899cbb741079edbdcdb18
d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e
d1306ad1c26ce36648efaa24d69b6d1a89eef95edf2980e692e09d2a77f5a3fd
d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e
d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c
d285da50a8622a07c0bfae00d759bb81265faf7c3e5b164f339c41c32dd74b29
d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4174f8315dd02c68b8b7c727381fafe4c646f0862d6f31c7450f03685771e7f
d445b10d6bfaaf61918bab531e287c085784ca6f12ea5e4e6a4a473517daf6f3
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d4b968b4b17104f58619547ca23b6e51fb36a357c7fd55acb5989f69e3cbb450
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5a8b97841a922e387c50ea7812a8a5fe25499bd8b9487d11dafbcd1eaf4f12e
d78bfbcd19d1a0941c706950f5f6e7dc336456a28bb4a7d851c16b00073ca065
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d8a603f562d7f4fc6b7e901fbab65d3878d68506b04fc6149feecfc96b1bd024
d8b8c4c304be3320fd41260be7e00fcd381499e76bb239e397894c752de77378
dc0fd5809a658221b06aa20b82ffe59b28b68b0d92792f0ae7d5fe88fc78e144
dd451b46bc91427c1c1c1f2d4fdf72a71d302e0d77d4e0dade4ce00c0368d89b
dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4
dd70496d30d8217b02c6158848909e9fa168cad5a8c68a6a4b5b37de504b8500
de71d61b5404df2ee7e1d32f7c6ee1189ea60ea81025efa8e6b81ae72f394fd9
decf395ad45761069830e90d1241f83ef99d19e79e4906d48b8e339003d69f57
df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
e13dd1d0f4364a034eb014fb2d644820962e105cca10d178a48dd61fe6eb9872
e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
e22faa88fba32ee15301bf1901c2a39a62432cdf487d16b8155ad1024c3ae150
e2a3eb1a03693266907509ffeb5ea09db2bc6a3243e334eb9c01dc4fbada4a8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a2d5989d546587b4fffdb316eeb070488e76243d139724068b248b2793f4d
e45413e7f1ca7bfb6d048fb2c633e74129b992e69165f57724b9aee91c34bae3
e4e4f52252651512f96d919c5983e3019010503aaf1c7d2441ff0a2dc1cf83d5
e541e264d45ab05d5891a30bd7fbf2e6310d18ce19715f794000b3fd9ca19379
e54e207ae4a8c322e6ba1a035a7f487d4493952fca8e0ebbec7262471b6e84d6
e5dc036bd00efe751a3fb50c76d665056cd0a24263f6bac82473d38984a05c9f
e67eac755b563ed17146f7516fa06d8d64cbd517572b1df233664e73624084f8
e6822f9da54ddd31b7fc3c61e47c8b2361daa829adadb3b73d6a02a5a722adf8
e78f6df8830ffdca0ac6216c162184ad906f109049923744b727cc5d76510302
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
e799cf6b7aa89815b706ee73237cb5874d4db056f1d0994ae6442aabed8dd3e3
e7fdc1d77879806a86eee62970a9b396f95533b609d7f5d94ab5a114fdbe3d45
e8b595117a19079c84d068fb40d01dd517ed6eb95236a1f980cb3bd2de0e6e10
e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96
e8e88ed8a0b60995b8410a5427bef8700c4368735a23c9afd6908f6ff3fcf5a6
e958674123520c0c48fdcb99831818e694ae25bda4e6479a8600f3756bfd19d6
e9acc785bf7e9b8764f674dfb24f5c40594a53aebcfc560b51fe1bf8280cb655
e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27
e9fc8d6674aeafb947323cae49be6b79b03e4b1d11bd0c93d447e347016f6a81
eb070ffe2c058cb1fa3dfc8e1eaf207de033b9bc97b7d936eeb86bfd5a5c60c7
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d
ecfbed11c9ed3f324e869c76e3025806948a6b51a0ac81bf6292042c9c245385
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef7c11bb77091f5ee218fcfce46dde1434d6036d3c1ba818631f6afb6defbfa0
f0249baeebadb2d33ae7d85090355fdb47e4d5101c3fda204b8f00b396a4f831
f0ace959680dfc46b228ac8f4e81ef49425d061af3875e7472e7d7a192660baf
f14424758ac432acca72ce4e2619d5b17e010670d6ad6242aa65245ce45f6e2b
f1609f547a7db295769d792f946dbdd3c4cb7837ba4b0dab157cc3f8f5800408
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f20906741718d2a73e05b1528e124116b788ee4dd3bb8eab5270ee0201b4c1bb
f37f49ebadc359e8c6cc15bee36eafa51f6823c2cb397677a7b5c0f9b7aa84d0
f3d594fadef6b29309c32468e782c4781880614d705a476f29f4de45e77d637d
f429b1a18a7e1a4cc03e8d7151e58e25f0226fb7ebaac2676d8d9373e48c9039
f4302dca380ee69b5fc3ac2db66bd9838c5ba6f34373e6442dc3d2d14b6f187c
f441ed948637969a1ba0a1b6fbda51af23b5fdffc6ca6dee426d454c99581698
f454480953e6019ab84b5369452b343428d18f16884f83ec1fa6ff694b5c30a7
f48542aed5e230f43efa681204d1b94af1b66e71cd1be252d5df6aee297f8b20
f5a130fae6483ba4fd033c903a29537db75b5c9948193b42c63f20e9996cf384
f5b44cde893577dd2bf10bdaf7b3d654627f9a43255e6fb6c495800d99544944
f633b0443241e5d97fae3ec8efa46acf8cc2d7472731f6ce1817fbe81c0d39f2
f757c1aa85f17bfbbbc91f88fecc3d5d7ec1ef4c12a2c48e548bcbfe62e8a731
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f775322b10573e574fc3cb9f8ae4c8f890e9d73474c3489cfe815aecddeafd4f
f7c0c77e0a1e7c04d72c50ca488c61b04aa53e2a69b7efb6d1537d34dea14a4a
f865514efd53f7cda25e74bd902e27fab65f0136ffb541548c5cb3b0fb7f9702
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f8e46b73cfb8c4f8cb2a7b1fcfe26bc6811bdaa59a45962c5028f5fb9ef5e12e
f92c3865b6c2d3efb43fd7bb9c6da5b1b9987f83dbf24ff1aeac41cfc6a8413f
f9511f68695a3cff11d5710e6943c369b68dd5a03a815e8d72941b467bfea0eb
f96bf06d27816ef7237fe7998dab7276e073559337e0f3e8a55514f7f1046307
fa16371a2643975ccaec4345048782965515b8391a9302500d9b8cbed0830995
fa4eeef46c7543bdec8b7ba2bf5a5662f220a13aae696186c59246baa655f0b4
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
fd6bf4f74881850baa384bed84f6dfb9b5258c6771524a4a226b2b344a61f096
fd77650d557f3dd251d834cfc1f1c1e0033489c146cbb868e1c480cbbbe20155
fe0a1f84d77e7e1b965a47f878c40f968405a00e9c7fd2e4a979fe61cf15de3b
fe6b21d044e510b936ac68ef0381ff6f03322f4aad440141e256b61e51e5f54a
ffdffff3dce6bc64be7e5717862e4a19a1e7bae5debb32503ba230f0cbfdb75d