maxi-malins.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r.fid4.tousmalins.com/tr/cl/U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ188Zbxoxz9UNG2kEiz1P3...
Effective URL:
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Submission: On April 27 via api (April 27th 2022, 2:15:40 pm UTC) from BE — Scanned from FR

Summary HTTP 75 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 75 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is maxi-malins.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 23rd 2022. Valid for: a year.

This is the only time maxi-malins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.107.232.127 185.107.232.127	200484 (SENDINBLU...) (SENDINBLUE-ASN)
2	2606:4700:440... 2606:4700:4400::6812:2291	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:90c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	63.35.247.163 63.35.247.163	16509 (AMAZON-02) (AMAZON-02)
18	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:1600:e:3706:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2001:470:6e0a... 2001:470:6e0a::1b:243	6939 (HURRICANE) (HURRICANE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
75	22

1 185.107.232.127 (France)

ASN200484 (SENDINBLUE-ASN, FR)

r.fid4.tousmalins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2291 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:90c (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.247.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-247-163.eu-west-1.compute.amazonaws.com

lk.tousmalins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

maxi-malins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1600:e:3706:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cc.cdn.civiccomputing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:470:6e0a::1b:243 (United States)

ASN6939 (HURRICANE, US)

apikeys.civiccomputing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 123	320 KB
18	maxi-malins.com maxi-malins.com	691 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	70 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	126 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 158	73 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 61 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	civiccomputing.com cc.cdn.civiccomputing.com — Cisco Umbrella Rank: 15476 apikeys.civiccomputing.com — Cisco Umbrella Rank: 15214	77 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	85 KB
2	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 24810	2 KB
2	tousmalins.com 1 redirects r.fid4.tousmalins.com lk.tousmalins.com	2 KB
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 30502	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 749	647 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	347 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	67 KB
1	sendinblue.com in-automate.sendinblue.com — Cisco Umbrella Rank: 26256	203 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1052	5 KB
75	17

	Domain	Requested by
18	maxi-malins.com	r.fid4.tousmalins.com maxi-malins.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	maxi-malins.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	maxi-malins.com googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	maxi-malins.com cdnjs.cloudflare.com
2	sibautomation.com	r.fid4.tousmalins.com static.cloudflareinsights.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	apikeys.civiccomputing.com	cc.cdn.civiccomputing.com
1	cc.cdn.civiccomputing.com	maxi-malins.com
1	www.googletagmanager.com	maxi-malins.com
1	lk.tousmalins.com	1 redirects
1	in-automate.sendinblue.com	sibautomation.com
1	static.cloudflareinsights.com	sibautomation.com
1	r.fid4.tousmalins.com
75	22

This site contains links to these domains. Also see Links.

Domain
www.civicuk.com

Subject Issuer	Validity	Valid
r.fid4.tousmalins.com R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
sendinblue.com Cloudflare Inc ECC CA-3	`2021-09-29` - `2022-09-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.cdn.civiccomputing.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
apikeys.civiccomputing.com R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Frame ID: 2FE5AF22012CD38D845AB024B008AB78
Requests: 38 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2080810
Frame ID: 307A68FB69EFBEE05AEA3F18FAA7C384
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/zrt_lookup.html
Frame ID: 3BA7E91B272F75152AED69EB244B6E07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1651068936&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936748&bpp=2&bdt=333&idt=218&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5400399110724&frm=20&pv=2&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233
Frame ID: 93FDEFF80AB36343B412D6441A78993E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068936&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936751&bpp=2&bdt=336&idt=236&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ssz0tniqha&p=https%3A//maxi-malins.com&dtd=242
Frame ID: 4D0BCA757F9B4FDFA05FE7B31842EB2B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068937&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936753&bpp=1&bdt=338&idt=249&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Qd31eblInF&p=https%3A//maxi-malins.com&dtd=252
Frame ID: 5E8C1DC2A612374E1865596BE2C11D73
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 28012905E02EE102CF4EF6296DCD1F6B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 6CC8E2D5CEB44EC4CF529A518E16B6A2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F401B741F7665BF865D5FA41E161482
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65FF44AAE3CE304CC474D98746677A6A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Maxi MalinsCookie Control Close IconExternal Link IconExternal Link IconCookie Control

Page URL History Show full URLs

https://r.fid4.tousmalins.com/tr/cl/U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ1... Page URL
https://lk.tousmalins.com/tk/v1/I0let52jlF/U2FsdGVkX1%2B9I6lmKwABc8uFDMHgGfpsUp47bGjvZmE2XKAyiq6jjH3Uu... HTTP 302
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaig... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

CIVIC (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cc\.cdn\.civiccomputing\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

75
Requests

99 %
HTTPS

86 %
IPv6

17
Domains

22
Subdomains

22
IPs

4
Countries

1523 kB
Transfer

3151 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.civicuk.com/cookie-control
Title: About this tool(Opens in a new window)External Link Icon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r.fid4.tousmalins.com/tr/cl/U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ188Zbxoxz9UNG2kEiz1P3rgIRtjOXqusa-mxJKQf-ROAvCXHPYLW4wfLDyfz8v4acNP-9Ywvd4chKf2VEStvbe8k_ENwrQHPknYJVVSzvWEBAxCoUv29MYU7St8N7lqmBP1naLAy2nrIpifMXBkVILHKFkABf1qRYQOeiB3pJ5gchJ-shbCld15q4aTBrZr5Zjv547PLsC52m-fsHC3MidiA5qMtPdcQm3C9Ad-V6IIVKUnO2NCXjHYmU28f2K-Iz2gEP5-pLXPwi2Fr9sCMamhX8Pf3F7Rb883JDexsH8QWZUgvLi0HZzqWg51MbbVMWdToNQBQpBjA7ztlc1S5KMTF93l1HMmbR_9ahW3N0B7h0KfvmOnFSTuFcBy4WNSTiE8lpKXuZ5WMOHrJ-GwUr8pIrE4vAPUOTU9iMGcfOaZYPOBHp3wfnBHACnGMiZhhWlEbkU9-uVia3J_GIkJ Page URL
https://lk.tousmalins.com/tk/v1/I0let52jlF/U2FsdGVkX1%2B9I6lmKwABc8uFDMHgGfpsUp47bGjvZmE2XKAyiq6jjH3UuM2aa4EfRNU9pKN7mO%2FawhIkonmKjUydFooYu85ZgLEhBRRKdM8%2BHiuYcOTdVx%2Bgtpw4Qnl6zbWcXZGfxbrJ9mZGptqw5Nc3BSksviwPYLTBzboJJMNaOq5zjeH%2B5vGxvqXezXV1 HTTP 302
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ188Zbxoxz9UNG2kEiz1P3rgIRtjOXqusa-mxJKQf-ROAvCXHPYLW4wfLDyfz8v4acNP-9Ywvd4chKf2VEStvbe8k_ENwrQHPknYJVVSzvWEBAxCoUv29MYU7St8N7lqm... Show response
r.fid4.tousmalins.com/tr/cl/ 1 KB
1 KB 88ms
32ms Document
text/html 185.107.232.127
SENDINBLUE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://r.fid4.tousmalins.com/tr/cl/U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ188Zbxoxz9UNG2kEiz1P3rgIRtjOXqusa-mxJKQf-ROAvCXHPYLW4wfLDyfz8v4acNP-9Ywvd4chKf2VEStvbe8k_ENwrQHPknYJVVSzvWEBAxCoUv29MYU7St8N7lqmBP1naLAy2nrIpifMXBkVILHKFkABf1qRYQOeiB3pJ5gchJ-shbCld15q4aTBrZr5Zjv547PLsC52m-fsHC3MidiA5qMtPdcQm3C9Ad-V6IIVKUnO2NCXjHYmU28f2K-Iz2gEP5-pLXPwi2Fr9sCMamhX8Pf3F7Rb883JDexsH8QWZUgvLi0HZzqWg51MbbVMWdToNQBQpBjA7ztlc1S5KMTF93l1HMmbR_9ahW3N0B7h0KfvmOnFSTuFcBy4WNSTiE8lpKXuZ5WMOHrJ-GwUr8pIrE4vAPUOTU9iMGcfOaZYPOBHp3wfnBHACnGMiZhhWlEbkU9-uVia3J_GIkJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.107.232.127 , France, ASN200484 (SENDINBLUE-ASN, FR),

Reverse DNS

Software

Resource Hash

5f9d03cd3db13ba46ee3e3faac4caca593105dc2df2f7a41d71248a79c0a2adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-length: 1294
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 14:15:35 GMT
x-content-type-options: nosniff
x-sib-server: red2.dc3.51b.tech
x-xss-protection: 1

GET
H2 200 cm.html Show response
sibautomation.com/ Frame 307A 3 KB
2 KB 94ms
40ms Document
text/html 2606:4700:4400::6812:2291
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cm.html?id=2080810

Requested by

Host: r.fid4.tousmalins.com
URL: https://r.fid4.tousmalins.com/tr/cl/U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ188Zbxoxz9UNG2kEiz1P3rgIRtjOXqusa-mxJKQf-ROAvCXHPYLW4wfLDyfz8v4acNP-9Ywvd4chKf2VEStvbe8k_ENwrQHPknYJVVSzvWEBAxCoUv29MYU7St8N7lqmBP1naLAy2nrIpifMXBkVILHKFkABf1qRYQOeiB3pJ5gchJ-shbCld15q4aTBrZr5Zjv547PLsC52m-fsHC3MidiA5qMtPdcQm3C9Ad-V6IIVKUnO2NCXjHYmU28f2K-Iz2gEP5-pLXPwi2Fr9sCMamhX8Pf3F7Rb883JDexsH8QWZUgvLi0HZzqWg51MbbVMWdToNQBQpBjA7ztlc1S5KMTF93l1HMmbR_9ahW3N0B7h0KfvmOnFSTuFcBy4WNSTiE8lpKXuZ5WMOHrJ-GwUr8pIrE4vAPUOTU9iMGcfOaZYPOBHp3wfnBHACnGMiZhhWlEbkU9-uVia3J_GIkJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2291 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

af716dc586d0fd7f0cd1238d762db655458a6a997031c645521c6edaaaa59378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://r.fid4.tousmalins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
age: 3865
cache-control: public, max-age=7200
cf-apo-via: origin,host
cf-cache-status: HIT
cf-ray: 70282bcfdb31cd8b-CDG
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 14:15:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 27 Apr 2022 16:15:35 GMT
last-modified: Wed, 27 Apr 2022 13:11:10 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Sails <sailsjs.com>
x-sib-server: SENDINBLUE-web1-2
x-xss-protection: 1

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 307A 14 KB
5 KB 113ms
60ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2080810
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://sibautomation.com/
Origin: https://sibautomation.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 70282bd08a443b8b-CDG

GET
H2 204 cm
in-automate.sendinblue.com/ Frame 307A 0
203 B 127ms
75ms XHR
text/plain 2606:4700::6811:90c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.sendinblue.com/cm?uuid=f8ea7e79-3ef8-4620-b57f-b3a65bbfc12f&key=lf0i5bwl6wymorl9vwyij&trans=1&message_id=9079d07f-57f5-47f4-8e37-fc3995b3ba20
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2080810
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
cf-apo-via: origin,host
cf-ray: 70282bd08e8199a4-CDG

GET
H2

200

Primary Request / Show response
maxi-malins.com/jeu-100-gagnant/
Redirect Chain

https://lk.tousmalins.com/tk/v1/I0let52jlF/U2FsdGVkX1%2B9I6lmKwABc8uFDMHgGfpsUp47bGjvZmE2XKAyiq6jjH3UuM2aa4EfRNU9pKN7mO%2FawhIkonmKjUydFooYu85ZgLEhBRRKdM8%2BHiuYcOTdVx%2Bgtpw4Qnl6zbWcXZGfxbrJ9mZGpt...
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

60 KB
13 KB

451ms
398ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Requested by: Host: r.fid4.tousmalins.com
URL: https://r.fid4.tousmalins.com/tr/cl/U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ188Zbxoxz9UNG2kEiz1P3rgIRtjOXqusa-mxJKQf-ROAvCXHPYLW4wfLDyfz8v4acNP-9Ywvd4chKf2VEStvbe8k_ENwrQHPknYJVVSzvWEBAxCoUv29MYU7St8N7lqmBP1naLAy2nrIpifMXBkVILHKFkABf1qRYQOeiB3pJ5gchJ-shbCld15q4aTBrZr5Zjv547PLsC52m-fsHC3MidiA5qMtPdcQm3C9Ad-V6IIVKUnO2NCXjHYmU28f2K-Iz2gEP5-pLXPwi2Fr9sCMamhX8Pf3F7Rb883JDexsH8QWZUgvLi0HZzqWg51MbbVMWdToNQBQpBjA7ztlc1S5KMTF93l1HMmbR_9ahW3N0B7h0KfvmOnFSTuFcBy4WNSTiE8lpKXuZ5WMOHrJ-GwUr8pIrE4vAPUOTU9iMGcfOaZYPOBHp3wfnBHACnGMiZhhWlEbkU9-uVia3J_GIkJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d5daeccc5bd9c243a2d1008fefd018b059fba083644e686f89f87851d9d5703

Request headers

Referer: https://r.fid4.tousmalins.com/tr/cl/U6cOAJMUlbEKqzIe-FiXWbavjn1bK99TMY0GJeLhq3K8yqGCFoUa8W3TWk9rosvYkAMLQ188Zbxoxz9UNG2kEiz1P3rgIRtjOXqusa-mxJKQf-ROAvCXHPYLW4wfLDyfz8v4acNP-9Ywvd4chKf2VEStvbe8k_ENwrQHPknYJVVSzvWEBAxCoUv29MYU7St8N7lqmBP1naLAy2nrIpifMXBkVILHKFkABf1qRYQOeiB3pJ5gchJ-shbCld15q4aTBrZr5Zjv547PLsC52m-fsHC3MidiA5qMtPdcQm3C9Ad-V6IIVKUnO2NCXjHYmU28f2K-Iz2gEP5-pLXPwi2Fr9sCMamhX8Pf3F7Rb883JDexsH8QWZUgvLi0HZzqWg51MbbVMWdToNQBQpBjA7ztlc1S5KMTF93l1HMmbR_9ahW3N0B7h0KfvmOnFSTuFcBy4WNSTiE8lpKXuZ5WMOHrJ-GwUr8pIrE4vAPUOTU9iMGcfOaZYPOBHp3wfnBHACnGMiZhhWlEbkU9-uVia3J_GIkJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 70282bd22d6e3ab7-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 14:15:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://maxi-malins.com/wp-json/>; rel="https://api.w.org/", <https://maxi-malins.com/wp-json/wp/v2/pages/1008900>; rel="alternate"; type="application/json", <https://maxi-malins.com/?p=1008900>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O72Xh7hp3CGsBh%2F%2FWAPs2QmcGK%2B9e1AzFCsQCZHX3%2FwfoyYWKny32bQ6BgfjEJI67sEYtPflBw4RjbpYmOWWA0e00O%2BP53Uix%2B6Wa%2Bq0zctkc6w6Y%2BRvNakaIakmFje3gu1duz05jXYTvQDrTs0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

apigw-requestid: RPlxQgTgjoEEPvQ=
content-length: 296
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 14:15:35 GMT
location: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
vary: Accept
x-powered-by: Express

POST
H2 200 rum
sibautomation.com/cdn-cgi/ Frame 307A 0
58 B 28ms
28ms XHR
text/plain 2606:4700:4400::6812:2291
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2291 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sibautomation.com/cm.html?id=2080810
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Apr 2022 14:15:35 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 70282bd0ec7acd8b-CDG
x-frame-options: DENY

POST rum
sibautomation.com/cdn-cgi/ Frame 307A 0
0

GET
H2 200 style.min.css
maxi-malins.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 38ms
36ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 20:31:15 GMT
server: cloudflare
age: 3195
etag: W/"145db-5dbee205c7976"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avOApt37icsi8K432SUUWfyhfh8U5GRETmFAMMFfzgwy8kJyfdzhy3Rst40hoFAzFtmxlWhVIc4wglQZJusUPYNJUgDCiYiBYjTzC8hIm2pX6CIDPHpHdTOkK47iee6jsi4RV2PjJDpcHusVULU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd4b8df3ab7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dashicons.min.css
maxi-malins.com/wp-includes/css/ 58 KB
35 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-includes/css/dashicons.min.css?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 May 2021 08:47:37 GMT
server: cloudflare
age: 3195
etag: W/"e688-5c2464bc05726"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plLC9yLyQxMGchwtUIEsW%2BfxxRE90nL5lmQG1c8KK%2BWpLlzE0Ib7379scpnqM0iWP537zFO5d9bAsmuRFqc4vsfTT7R8lG2JIVR9ESowWCpdEXY3RC%2FlC03%2FqMDHSerEzucIHwUWQXwTAq95agc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd4b8e13ab7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend.css
maxi-malins.com/wp-content/plugins/post-views-counter/css/ 289 B
515 B 31ms
30ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 04:07:27 GMT
server: cloudflare
age: 3195
etag: W/"121-5d78df8be52a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAo33kbF3%2B3099zd04XkJcv2XRCT1G5LKjLw14q9mI%2BGNQcxixuaqsCxKeNAPfUh7XsL%2BYYu1Ff409LGYMLqLco2B6rKgchTFSvhGU4WKu0ccM9IVGq4SmF0BfkqeEDoyoyx3BZ9JV%2ByqF7Layk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd4b8e23ab7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
maxi-malins.com/wp-content/themes/maximalins/ 341 B
478 B 35ms
34ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/maximalins/style.css?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814656c609fa94f84c2c4deea3ab2d41c3794927867d34b2751b9f2802779122

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 16:48:01 GMT
server: cloudflare
age: 3195
etag: W/"155-5b9d06ae8db81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFA1VXnGsU%2B2QCMoCRQHo24iJg9VnEQvmP1yKLqW4f%2BaHhtl8FEetgpA%2FIlSd8ik6Fe22M4O%2F37UI7mRtrueO8cdJFpAreN9SdskreWBA%2FSNl1xLMJINM9YrvbsxbbDK1kdsJaUEq5feNaaTLg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd4b8e43ab7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 55 KB
10 KB 94ms
40ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.9.3

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1856631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9939
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-da9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js0ORt%2FpEFX9ExxrHW66R9efyg5LHEZoi9uagCaA4Q42Vd7mizggBeEOYe86qXjDcFrxohAwbQ37KPNXiGND0OKlcI2PP%2FFfSSjM9IiTMgVwpkJh5OgPSrAix%2FxIV9wgdLTAhpmAua8lLT8S%2Fuuf43Su"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70282bd50a40edef-CDG
expires: Mon, 17 Apr 2023 14:15:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 103ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.9.3

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 13:45:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 14:15:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 14:15:36 GMT

GET
H2 200 rose.css
maxi-malins.com/wp-content/themes/deux-trente-theme/dist/ 174 KB
28 KB 38ms
37ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/dist/rose.css?ver=2022-04-27
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5074086342f5b23b2dfdcddf05f6e40f4fe0a6ee1cbfe0efaaa971e0563e3ec4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:45 GMT
server: cloudflare
age: 785
etag: W/"2b699-5dd90357091e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meZw%2B2jutcrupCTflovTjlbWn68hwPdhmmIYszfMJr6AAfD5iEuzbbGHRuECa6RGZE5hU0Dhf6FI9Vyh9C9L2wS%2BTVYcq4KmG4f5kaqFvjcJgHhqWP8uhfLEBJjo8IGCw4ncG9XH96o%2F3FV5C3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd4b8e53ab7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.min.js Show response
maxi-malins.com/wp-content/themes/deux-trente-theme/dist/ 263 KB
82 KB 60ms
59ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/dist/app.min.js?ver=2022-04-27
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55c20ab6f813c37af408127ac5f12ff420fcf01a1c4d5081eea2844d8761dec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:45 GMT
server: cloudflare
age: 785
etag: W/"41bc9-5dd90357091e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ww2Z4jj5V5ojT0Ok88EehUCINhPF2JwTIpiLmIb%2F9GFLPqmk%2BkonQAMIcJsbChiCzsU%2BmAMQTghlDEE7Hsz%2Bn4Wo9TI6%2B6Bza5IDuEl5nE3ylwXiBn0C2EQ%2F6aIJUw1h86FAXLGzGZkcxUzxGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd4b8e73ab7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
67 KB 108ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T2MYSRZFQD

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9c545fbefdbf853a803331ba5a91fe2bb8c6bcff8d73a4c4a2b9c2f85348f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67733
x-xss-protection: 0
expires: Wed, 27 Apr 2022 14:15:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
54 KB 127ms
61ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a827d2666bb4b9c5a6feef13b9c07cc60a476b0173afe8f2b489ac620a6c9d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54571
x-xss-protection: 0
server: cafe
etag: 11762777243326919484
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:15:36 GMT

GET
H3 200 Logo-Maxi-Malins.png
maxi-malins.com/wp-content/uploads/2020/06/ 74 KB
74 KB 147ms
146ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2020/06/Logo-Maxi-Malins.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d313a1ead3467f225032ba25f279d016f27cf3fec38b0696f1c996124be27ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3195
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75489
last-modified: Tue, 30 Jun 2020 09:22:46 GMT
server: cloudflare
etag: "126e1-5a949b7e332c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zU6WujDD1CkpPoiGNKXwC49OD5kjpjUmW3sgSyccQslZl0E60LYj6dfJtJuRkxP2mq9%2Fx7brwm4sETy7rWApg%2FZ%2BAbgoWhS9cpUGDfWwpe3DtbDOW1MO7Wo6C9pzjyNnwp6WVm3GyqdWJv809U0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282bd57b52ede3-CDG

GET
H3 200 Ce-ebook-GRATUIT-.jpg
maxi-malins.com/wp-content/uploads/2020/11/ 35 KB
35 KB 123ms
121ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2020/11/Ce-ebook-GRATUIT-.jpg
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870b20a6ea759c00a27f8433bcff0413972ed9c17251a9d2bca11a2052671ce2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2445
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35534
last-modified: Tue, 17 Nov 2020 14:29:55 GMT
server: cloudflare
etag: "8ace-5b44e5421df6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANwqZLJqLwyKcvplzsViuoGtALUXJscNwJil%2BSh97LsFTFjk%2BEi6dL%2FUxhTHD2y9kKGCYkEetQB2uBz4KyFazhZxL7NC0kQGxx8BzcgBjjxi%2F%2BGSq4K0rmdU50w2sYQq6Jp4YR%2FEiYibr15BArQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282bd57b54ede3-CDG

GET
H3 200 lampe-maison-berger-parfum-recharge-lolita-lempicka-a-gagner-jeu-concours-facebook-maison-berger-france-300x300.png
maxi-malins.com/wp-content/uploads/2022/04/ 125 KB
125 KB 36ms
35ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2022/04/lampe-maison-berger-parfum-recharge-lolita-lempicka-a-gagner-jeu-concours-facebook-maison-berger-france-300x300.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5dbfe54bd0cb819c9635229dfb3bd089a0167038d32c41e2e8f59af6df346a8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127641
last-modified: Tue, 26 Apr 2022 13:46:13 GMT
server: cloudflare
etag: "1f299-5dd8eea88372e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bjj9scw%2FUZ0rzi7tT%2FQd0fcRbmJl5hZ9SH%2Buc4SQNXU2jWavdh31n3SDaiNIh8wqCR0Dg8%2FGMeqovAvIxjMkvrUR6MCAs1RlL3sNWFs0lekawoJ5ZuoM8EBb%2Fs1mGrg0iDuhgh8wNe3PMq4t9Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282bd57b57ede3-CDG

GET
H3 200 produit-beaute-gratuit-a-tester-shampooing-reequilibrant-masque-poudre-galanga-klorane-test-sampleo-300x300.png
maxi-malins.com/wp-content/uploads/2022/04/ 124 KB
125 KB 46ms
45ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2022/04/produit-beaute-gratuit-a-tester-shampooing-reequilibrant-masque-poudre-galanga-klorane-test-sampleo-300x300.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe36a4cec90ca1d4c554141d7ad01acb5567f3d7ee09030b05930d987853c38a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127063
last-modified: Tue, 26 Apr 2022 13:32:02 GMT
server: cloudflare
etag: "1f057-5dd8eb7d53b3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eUS514NN7mIMhobiswYHQExTknNf70xlrMpwKjKLvJ0HnCyRg3RtapXW8nTILkldCf2Kv7XzdUjBelAo6tjRwilP2aphwJ9ChZ%2BMlBffB9%2FQP%2FSAZ3AwT%2FPeOYZMXggcjZR1HB%2F5QvvEQ7gJDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282bd57b58ede3-CDG

GET
H3 200 sejour-copenhague-danemark-carte-cadeau-jules-a-gagner-jeu-concours-jules-300x300.png
maxi-malins.com/wp-content/uploads/2022/04/ 147 KB
147 KB 201ms
200ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2022/04/sejour-copenhague-danemark-carte-cadeau-jules-a-gagner-jeu-concours-jules-300x300.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118fe612a0ad8a65ecdcc18763e92d7b9d6ee03cb40e4a6c0c684ff8f3ffe75c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150112
last-modified: Tue, 26 Apr 2022 13:31:49 GMT
server: cloudflare
etag: "24a60-5dd8eb7047e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLISIA5QqaPsy93re5xzUWVzJZ5ZM%2BYt1qvkZbKGAxMhT89no4IqGM6vrG5mbaRNbls%2F4URGlAC89zNmsjI8Gd1hkPbrfPHDXH%2FLYY3od4RhktEPEQCFzsGHLRMzKEZp%2Fhkyf%2FVLSZ4ZQXC%2B%2BmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282bd57b59ede3-CDG

GET
H2 200 cookieControl-9.5.1.min.js Show response
cc.cdn.civiccomputing.com/9/ 285 KB
76 KB 78ms
28ms Script
application/javascript 2600:9000:20eb:1600:e:3706:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cc.cdn.civiccomputing.com/9/cookieControl-9.5.1.min.js?ver=5.9.3

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:1600:e:3706:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f9965505920b2915bf1f23a2421aa5f83bfb72105eb88917ea1d549abee0192d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 13:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1010
x-cache: Hit from cloudfront
x-xss-protection: 1
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jan 2022 09:48:02 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "47585-5d573950dedf1-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: 3FgGwWYXS2SHyrKo70AQk3r3I09-GOGSOcAyR8NvfKEdVyaLyOihzw==
expires: Wed, 04 May 2022 13:58:46 GMT

GET
H3 200 script.js Show response
maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/ 3 KB
1 KB 38ms
37ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/script.js?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 579a39f846237311777c90589bfdb1066199a133625a3478e45ac30bb589bd0d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 05:15:00 GMT
server: cloudflare
age: 3195
etag: W/"aee-5bd27bfad32a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvGlzvQ7YC1HErC7B8p5QZD2bx56CIJfE%2Fh1TYDUVpCLEGulU34uyx6xv5Sak5iOBHuwV77IBR7%2BWc5oSagG8f2LfKnBg9FQWeOLJkr%2BZ4Pe7XmHH7xBVYnmRQAlC42ckYVsyCa67TIVrVwRHSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd56b2eede3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scriptcoreg.js Show response
maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/ 3 KB
2 KB 36ms
35ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/scriptcoreg.js?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a4dc963bd4406c8bb45484d3ca07fce78d8f992c0b964f3af7354ef7bb254a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 05:15:00 GMT
server: cloudflare
age: 3195
etag: W/"ded-5bd27bfab8cc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M63mqaO6bKunyt6kN3t5JBscpvR%2Bl%2FLEKZpEXNJxNUl15jTcHlv7dMOSv7WUHCKYsPlKPWOAEcro%2FEm11KEhQ46LezA38ijY0nAdPwwB1RCeXY1ctnkKH8KpklYHyhqjNCUDdp%2F55l2SXnRxK8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd57b4eede3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 navigation.js Show response
maxi-malins.com/wp-content/themes/deux-trente-theme/js/ 3 KB
2 KB 122ms
121ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/js/navigation.js?ver=20151215
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:44 GMT
server: cloudflare
age: 3195
etag: W/"b97-5dd90356e1146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWCg1JOrff%2F2j6NulUbh17XBwR8eTcI4aY3LzrDPNDJAs8SsXKwjekwiXut2JIVPqTJ19sc%2BmCX8wdXYDoqp2%2F36Yr5icdUEELI7emfNvSo2%2FnzKmyWP6tvAImIPTCkx3sW7lJfG4zD07KMAFTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd57b4fede3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js Show response
maxi-malins.com/wp-content/themes/deux-trente-theme/js/ 685 B
929 B 97ms
95ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:44 GMT
server: cloudflare
age: 3195
etag: W/"2ad-5dd90356e1146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z11LtJXBW0%2FtH%2Fnmz%2FfeuVYdHKol6n13xkKlcb7ESQVBdMaTOdf8zmZB6JwYQpcJyMpH08rHEoL25WS1%2FLa8JOXY5ycAM%2FJTCGR%2B0rvqPYObtwtSdyoq5Xw1lfdlhBpEt3myLlHe8V%2BS%2B%2Bw9bCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd57b51ede3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
maxi-malins.com/wp-includes/js/ 18 KB
5 KB 211ms
210ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 11:06:09 GMT
server: cloudflare
age: 2940
etag: W/"4705-5d35586ba54ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLr%2FKhxqSAPr5EPV50IiIn0ilhOgP%2F5YhC86jH5Z1IjZ44mulI7PHP%2Fc%2BYVoi5rbNGW%2FYNqJ%2FVVsCRHG4RBT%2FRUj6ZI6nnFXMMWLCUUyQAzy2h5O%2FkzOgJBFM35WHtoFdbnSSDTBMSCDP4vJg8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282bd57b5cede3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 92ms
28ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 76047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:08:09 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 74 KB
74 KB 62ms
34ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.9.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.9.3
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1856623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-126b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT0qsdfj2EkeWmwJcm34iIt0TU9js04XQh3UDb71X5aDVLawSsi2OEniX5USJtMmXDxvlTLCXHwLedyAZBxYh%2Bx%2BHhyZWwsX2pwTzPVYRHfHOxkUXranEMX01%2FJUuGsKYDnmXrq0H72mVUE%2BU39moXo9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70282bd5aafecd9f-CDG
expires: Mon, 17 Apr 2023 14:15:36 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 102ms
55ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 76047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:08:09 GMT

GET
H3 200 Sans-titre-29-150x150.jpg
maxi-malins.com/wp-content/uploads/2020/10/ 3 KB
3 KB 125ms
124ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2020/10/Sans-titre-29-150x150.jpg
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fce91440faa35dfe27f50bad5c58565f60b2838d3bae9d5027820ce3142f8a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1821
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2996
last-modified: Wed, 07 Oct 2020 14:52:30 GMT
server: cloudflare
etag: "bb4-5b115dd669d6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlPiVZrvMi1i4xfcKnGy2oeqYQdmzji0%2B6NDZBxGS%2BZ6mSKD4quxL2Iy%2Bjdhx5KPrqlkdEUtuguroWL4Req%2FIVAMcrqprrwzk73gRSN22AmelaIAxjMvZLC9znmsCrc8YT7Q8qAS1B1OscitUZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282bd60be1ede3-CDG

GET
H/1.1 200
OK v Show response
apikeys.civiccomputing.com/c/ 144 B
650 B 155ms
40ms XHR
application/json 2001:470:6e0a::1b:243
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://apikeys.civiccomputing.com/c/v?d=maxi-malins.com&p=CookieControl%20Free&v=9&k=28d4008103494050a67ed420350e9553f883735b&format=json

Requested by

Host: cc.cdn.civiccomputing.com
URL: https://cc.cdn.civiccomputing.com/9/cookieControl-9.5.1.min.js?ver=5.9.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:470:6e0a::1b:243 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

Apache /

Resource Hash

94d49d4992f768e9f774948202ad3991571e8329dcec5353ac34f5af29ec278e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: application/json, text/plain, */*
Referer: https://maxi-malins.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-apikeys: hit
date: Wed, 27 Apr 2022 14:15:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
vary: X-Forwarded-Protocol
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1
cache-control: max-age=7200, private
transfer-encoding: chunked
access-control-allow-headers: origin, x-requested-with, content-type
x-content-type-options: nosniff
expires: Wed, 27 Apr 2022 14:36:51 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
347 B 100ms
35ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T2MYSRZFQD&gtm=2oe4p0&_p=620546677&_z=ccd.NbB&cid=1172479711.1651068937&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1651068936&sct=1&seg=0&dl=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&dr=https%3A%2F%2Fr.fid4.tousmalins.com%2F&dt=Maxi%20Malins&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T2MYSRZFQD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 14:15:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://maxi-malins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ 305 KB
109 KB 115ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5460478803852549&plah=maxi-malins.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8053fbd57aa1f4ac82172c9a229c0fdcb53ed0be84cf79264366214542e850e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111284
x-xss-protection: 0
server: cafe
etag: 17761029972259215619
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:15:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/ Frame 3BA7 10 KB
5 KB 93ms
29ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 75597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 17:15:39 GMT
etag: 3347421328414474149
expires: Tue, 10 May 2022 17:15:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 105ms
36ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=maxi-malins.com&callback=_gfp_s_&client=ca-pub-5460478803852549

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5460478803852549&plah=maxi-malins.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

eb72e413c5167b3d303c202699ee702d2e8eccec21e2819008200572f194fe82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 102ms
38ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=maxi-malins.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 14:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 104ms
40ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=maxi-malins.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 14:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&tn=DIV&id=ccc-overlay&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 14:15:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 14:15:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 93FD 0
19 B 155ms
98ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1651068936&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936748&bpp=2&bdt=333&idt=218&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5400399110724&frm=20&pv=2&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:37 GMT
expires: Wed, 27 Apr 2022 14:15:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D0B 97 KB
33 KB 868ms
822ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068936&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936751&bpp=2&bdt=336&idt=236&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ssz0tniqha&p=https%3A//maxi-malins.com&dtd=242

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96c7e521bb3a04c229ce9ab1db8e7a69315b158d386f0d2f948d3a5ad11f7ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33315
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:37 GMT
expires: Wed, 27 Apr 2022 14:15:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E8C 95 KB
32 KB 1007ms
972ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068937&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936753&bpp=1&bdt=338&idt=249&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Qd31eblInF&p=https%3A//maxi-malins.com&dtd=252

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afeeefc48dd8678b5d3bc8678243f6c4d0d9b84ef079bcb82d1082f30214d458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33232
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:37 GMT
expires: Wed, 27 Apr 2022 14:15:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 4D0B 8 KB
892 B 98ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068936&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936751&bpp=2&bdt=336&idt=236&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ssz0tniqha&p=https%3A//maxi-malins.com&dtd=242

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 13:40:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 14:15:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 14:15:37 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 4D0B 2 KB
984 B 124ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:13:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/ Frame 4D0B 19 KB
8 KB 116ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:10:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 4D0B 3 KB
1 KB 116ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D0B 119 KB
37 KB 126ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 14:15:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 4D0B 15 KB
6 KB 119ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:03:45 GMT

GET
H2 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame 4D0B 30 KB
13 KB 110ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 23:28:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 09:17:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D0B 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr2nvCVBpYpiFBfGZ1fAPpP2MiAur84fcaezxs4WrD7LD0KGMDhABIPqPv3xg-wGgAdyv0r0CyAEJqAMByAPLBKoE7gFP0AnSlHucAJSv6JCME3mleOEW2L-pYiyzaAFyefWf4Q2vfBlqTnIQJldQ9wnM4ELsBoZNtm5_oDHktbPurIRfIoxjPovKvZWJItbtAPtVDxioRKvDqC_Llku4fCcsurkQy3YDD6shJSk1THsacNtZljj91B4NhShETR0DkuiNBTydb2aAnH2uiI7N5eFcnzbgtaEpJWTOt7QkpsdpGswKb1YN6h-sGVK9rpQlXvvqxgrKRnEZAhJkww1E1kzXrmEcYch8alcsYW1Kx1A5RFt67pzUEfH8nUEV9m-A0Tl3hxFbspU5ogiwTyneJSILwASS6ojf2AOSBQQIBBgBkgUECAUYBKAGLoAH64no9AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRC5744D0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NDYwNDc4ODAzODUyNTQ5GAA&sigh=JpkKbM44Qzc&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068936&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936751&bpp=2&bdt=336&idt=236&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ssz0tniqha&p=https%3A//maxi-malins.com&dtd=242
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Apr 2022 14:15:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Apr 2022 14:15:37 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7646780825183979807/ Frame 4D0B 42 KB
43 KB 111ms
35ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7646780825183979807/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7206175ee6eff1d58528293ae6fa578cee589b0ce8054c962c3f86e844c97d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 23:18:23 GMT
x-content-type-options: nosniff
age: 572235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43323
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 14:18:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Apr 2023 23:18:23 GMT

GET
DATA 200
OK truncated
/ Frame 4D0B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4D0B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 5E8C 8 KB
892 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068937&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936753&bpp=1&bdt=338&idt=249&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Qd31eblInF&p=https%3A//maxi-malins.com&dtd=252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 13:48:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 14:15:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 14:15:38 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 5E8C 2 KB
904 B 88ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:13:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E8C 0
0 72ms
72ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_E8sCVBpYtr6BIi21fAPuaiAePDF79FpkYPVmvUPq9O54LAPEAEg-o-_fGD7AaABvpyJ9QLIAQmpAiH5dxYEv7E-qAMByAPLBKoE_gFP0FsicJs05t8d5520Z2GI-JA-9PmmIjJxBelMZV0O6LVDpgWRWsT74qTVth0Lwp5-0pGA_FCYDzBZn2tuyWpH0Y-CFMFlEEkCJ2JJ2jNEu-SC30pLVHzofEL0LxmIQBjc50y1KkzT-avH6aQHvZmFGLghIHaTud9BTf-pdmfXbtuvm4K4Mcs2utJPyj0rHciMLLAyKP_5BXmvVWTRwU0XN4Y2RRZTdLJRHrHTeyfsdCsK6GkSlylUTGOHt_gaGB0xVZ6_JcMvuP-oylE_k_H0H7Ep1NfqPBN7Ty39Ef6yrVAsAOxmyoR75ZsKSfKbMyV1p_j6xeTKznvh6IcIRMAEnvrmx70DkgUECAQYAZIFBAgFGASgBi6AB6rj9ooBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQyOKDAtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItNTQ2MDQ3ODgwMzg1MjU0ORgA&sigh=wEGvPQMaJwk&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068937&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068936753&bpp=1&bdt=338&idt=249&shv=r20220425&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5400399110724&frm=20&pv=1&ga_vid=1172479711.1651068937&ga_sid=1651068937&ga_hid=620546677&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762586%2C31067067%2C21065725%2C31064019&oid=2&pvsid=618655877254903&pem=513&tmod=1047109155&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Qd31eblInF&p=https%3A//maxi-malins.com&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Apr 2022 14:15:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/ Frame 5E8C 19 KB
8 KB 83ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:10:16 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 5E8C 3 KB
1 KB 104ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:15:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E8C 119 KB
36 KB 100ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 14:15:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 5E8C 15 KB
6 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 13:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 13:58:52 GMT

GET
H3 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame 5E8C 30 KB
12 KB 86ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 23:28:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 09:17:23 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9090950888961185166/ Frame 5E8C 20 KB
20 KB 89ms
38ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9090950888961185166/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b816a137ce9b721cf0468db60b9e2544bf3f1c0354ea3d9f7fb9d6af7ff0ad13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 05:20:08 GMT
x-content-type-options: nosniff
age: 204930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20169
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 10:06:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 05:20:08 GMT

GET
DATA 200
OK truncated
/ Frame 5E8C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5E8C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4D0B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72ae8b6e826eeefcac3095830a53572898b464377e9949843be3cf90b0c89efc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 4D0B 28 KB
28 KB 86ms
29ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 57811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:12:07 GMT

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2801 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 17:16:51 GMT

GET
DATA 200
OK truncated
/ Frame 5E8C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 782cd0d16071e4e8cb46de1f95165110fbc23f825ca143f660fef568d5730f8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 5E8C 28 KB
28 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 57811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:12:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 104ms
45ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220425&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c209e54b35b790e0fc43ea5a32ec4f5cd2fd11578066e35d59cd2b4d4f76a71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10606
x-xss-protection: 0

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CC8 35 KB
13 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 17:16:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 14:15:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F40 13 KB
5 KB 28ms
28ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 13:53:08 GMT
expires: Thu, 27 Apr 2023 13:53:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 65FF 783 B
1 KB 103ms
39ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5a62d10677e4084a029682337da3f6e22a65d38b0ebc7985d09ed65bfbcdc7b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5PWmXj9FoSORpI9lzrd+pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-5PWmXj9FoSORpI9lzrd+pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:38 GMT
expires: Wed, 27 Apr 2022 14:15:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F40 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 17:16:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 65FF 0
0 76ms
76ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220425&jk=618655877254903&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F40 0
9 B 28ms
28ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vc8noQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220425&jk=618655877254903&bg=!AQKlAkbNAAYXWUUuN1k7ACkAdvg8Ws7hR54NjADNZJArWv-Bky9Gi0JkJK4HKvRzGYtM96Lbkcg3RQIAAABMUgAAAAhoAQeZArOin5sT34L0fUt3JA6qzIHcHMpMUhOo3MNtzd_kYnaM7ZYuGId_EtSfI_8bTB_LQZc3fFCa00zLquC4ttIphu9qYWVoxCQQz0RPgV5nLbRZ8RFvlPQIY25AuYkh_GPKKdFxwhUq3urc_iLkvh0eV3HyGlbkoSSeSak7BZV5vQix5wsC1vIvnsjTtfjDPT67n8Biwlru0vxbfAUjk3cpYoHIehvb_xjFCUAY96KAepOi1kOgjmqrt6TME3KE0lfo8Fb-PxAsJ3YJf3UcticP0EQgEJKuSmveIWece0SrGla8qTqS3ye3vKTe-L4ncYcBLm0eXLNPWp7Qcc5dN_71KzZNxAtIrdTOoGHY6cGgyZMeOCYuqYAYP9IFiV4NAhm67hp1IRHhw1SnEX8elrzGjw4ZxTnrE8w0ltY_YwvrtnQmqa0GMynq3QAeoMtOPtbE_OmPRBx10gtRygL1YzYolC71fcEFux9BGGZ2FoAz2uvQ9iM_npTUqI5W1y3Oz3FRvX9mkYlPEnMjnxxcRoQONpgI98PS3W-yZl9c_iYHShru7c_jsVy8Kmb9GinZ8d0NGbPP0Bw8fTojgC8hE4_2MAtNHyTA1hEtXQeAccCQWSW1U552hwkI9x0hf1Hd8HpfaMIxnjCbQIRfXtInCjTVU_FkxYKJR25SsfX-cgcJamWEdWfDl6ZgfDd4rqsXxsrVwi96CYUm0E0x7yI7o7sYcOTUzHU0oWSGA5MedQE3JyNlCwmwv0bMsZVcr816L4Qfa1U5S7XNVV78AagNrMpMSX3EuUxtMVtxJK3WmJNviehow6LDWyouDSv-juPTSnnOsJfacP5SYQQHVFlL1JcR_bpXr-FxEOQqpLdtxw8qHRVFxhQ1mHl9yQP4S2IFYd08hYM7Tod6B9paDp-oaL1JnbhlZCyF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D0B 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRqCcRlup96SFfQHYfeppszOjHsbyAT8QmeWq9Cj9mkPpP93NEXIoF4i3oM02jEY0zMMQwixmYRxE00n7PK2qVX-DOqvZ84SclEzb69x1h4jPRJWa0Sg&sai=AMfl-YTgFHyyg0rDeGJAAC5ozcm24Vl_HVz0_bVAGRnMlQdDZCIb04rZJ_udkfXZKJtI_g3ebAymJC2jm4f8&sig=Cg0ArKJSzLMBZ_ZSBUr8EAE&id=lidar2&mcvt=1001&p=0,0,280,1110&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4011229509&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651068936994&rpt=1107&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 14:15:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sibautomation.com
URL: https://sibautomation.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sibautomation.com/	1970-01-20 06:59:03	Name: uuid Value: f8ea7e79-3ef8-4620-b57f-b3a65bbfc12f
maxi-malins.com/	1970-01-23 18:13:48	Name: dt_session Value: 81e19398-c634-11ec-8dfe-ac1f6b00d584
.maxi-malins.com/	1970-01-20 11:23:24	Name: CookieControl Value: {"necessaryCookies":["wordpress_","wordpress_logged_in_","CookieControl","dt_session","wordpress_*","CookieControl"],"optionalCookies":{},"statement":{"shown":true,"updated":"10/06/2021"},"consentDate":1651068936671,"consentExpiry":365,"interactedWith":true,"user":"95C1B947-5405-413E-A5D8-9D9C827D1AB1"}
.maxi-malins.com/	1970-01-20 11:59:24	Name: __gads Value: ID=001c6125c9e00396-22550c1184cd00bf:T=1651068937:RT=1651068937:S=ALNI_MbKmaZtZV46AI29cH9PcTokfsix-Q
.doubleclick.net/	1970-01-20 11:59:24	Name: IDE Value: AHWqTUm_cGT_6QJtgvJhOKUX3Qtgz_JdFGJXi_uLQD_1aH5CIXzzHaL05owMDE7Tiis
.doubleclick.net/	1970-01-20 02:37:49	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
apikeys.civiccomputing.com
cc.cdn.civiccomputing.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in-automate.sendinblue.com
lk.tousmalins.com
maxi-malins.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.fid4.tousmalins.com
sibautomation.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
sibautomation.com
142.250.186.34
185.107.232.127
2001:470:6e0a::1b:243
2600:9000:20eb:1600:e:3706:bd00:93a1
2606:4700:4400::6812:2291
2606:4700:440e::6812:2fe6
2606:4700::6811:190e
2606:4700::6811:90c
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2004
2a06:98c1:3121::7
63.35.247.163
118fe612a0ad8a65ecdcc18763e92d7b9d6ee03cb40e4a6c0c684ff8f3ffe75c
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1d5daeccc5bd9c243a2d1008fefd018b059fba083644e686f89f87851d9d5703
1fce91440faa35dfe27f50bad5c58565f60b2838d3bae9d5027820ce3142f8a1
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
5074086342f5b23b2dfdcddf05f6e40f4fe0a6ee1cbfe0efaaa971e0563e3ec4
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579a39f846237311777c90589bfdb1066199a133625a3478e45ac30bb589bd0d
5f9d03cd3db13ba46ee3e3faac4caca593105dc2df2f7a41d71248a79c0a2adc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
72ae8b6e826eeefcac3095830a53572898b464377e9949843be3cf90b0c89efc
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
782cd0d16071e4e8cb46de1f95165110fbc23f825ca143f660fef568d5730f8b
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
8053fbd57aa1f4ac82172c9a229c0fdcb53ed0be84cf79264366214542e850e4
814656c609fa94f84c2c4deea3ab2d41c3794927867d34b2751b9f2802779122
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
83a4dc963bd4406c8bb45484d3ca07fce78d8f992c0b964f3af7354ef7bb254a
870b20a6ea759c00a27f8433bcff0413972ed9c17251a9d2bca11a2052671ce2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d313a1ead3467f225032ba25f279d016f27cf3fec38b0696f1c996124be27ec
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94d49d4992f768e9f774948202ad3991571e8329dcec5353ac34f5af29ec278e
96c7e521bb3a04c229ce9ab1db8e7a69315b158d386f0d2f948d3a5ad11f7ee0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a827d2666bb4b9c5a6feef13b9c07cc60a476b0173afe8f2b489ac620a6c9d69
aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a
af716dc586d0fd7f0cd1238d762db655458a6a997031c645521c6edaaaa59378
afeeefc48dd8678b5d3bc8678243f6c4d0d9b84ef079bcb82d1082f30214d458
b5a62d10677e4084a029682337da3f6e22a65d38b0ebc7985d09ed65bfbcdc7b
b816a137ce9b721cf0468db60b9e2544bf3f1c0354ea3d9f7fb9d6af7ff0ad13
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c209e54b35b790e0fc43ea5a32ec4f5cd2fd11578066e35d59cd2b4d4f76a71a
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7206175ee6eff1d58528293ae6fa578cee589b0ce8054c962c3f86e844c97d6
c9c545fbefdbf853a803331ba5a91fe2bb8c6bcff8d73a4c4a2b9c2f85348f5c
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb72e413c5167b3d303c202699ee702d2e8eccec21e2819008200572f194fe82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f55c20ab6f813c37af408127ac5f12ff420fcf01a1c4d5081eea2844d8761dec
f5dbfe54bd0cb819c9635229dfb3bd089a0167038d32c41e2e8f59af6df346a8
f9965505920b2915bf1f23a2421aa5f83bfb72105eb88917ea1d549abee0192d
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
fe36a4cec90ca1d4c554141d7ad01acb5567f3d7ee09030b05930d987853c38a

maxi-malins.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

86 %IPv6

17 Domains

22 Subdomains

22 IPs

4 Countries

1523 kBTransfer

3151 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

maxi-malins.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

86 %
IPv6

17
Domains

22
Subdomains

22
IPs

4
Countries

1523 kB
Transfer

3151 kB
Size

6
Cookies

75 HTTP transactions
6 data transactions