maxi-malins.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r.fid4.tousmalins.com/tr/cl/h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37lCoGle91Go2k9B6N1Ugh...
Effective URL:
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Submission: On April 27 via api (April 27th 2022, 2:15:52 pm UTC) from BE — Scanned from FR

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 73 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is maxi-malins.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 23rd 2022. Valid for: a year.

This is the only time maxi-malins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.107.232.127 185.107.232.127	200484 (SENDINBLU...) (SENDINBLUE-ASN)
2	2606:4700:440... 2606:4700:4400::6812:2291	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:90c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	63.35.247.163 63.35.247.163	16509 (AMAZON-02) (AMAZON-02)
18	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:7a00:e:3706:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2001:470:6e0a... 2001:470:6e0a::1b:243	6939 (HURRICANE) (HURRICANE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
73	22

1 185.107.232.127 (France)

ASN200484 (SENDINBLUE-ASN, FR)

r.fid4.tousmalins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2291 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:90c (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.247.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-247-163.eu-west-1.compute.amazonaws.com

lk.tousmalins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

maxi-malins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7a00:e:3706:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cc.cdn.civiccomputing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:470:6e0a::1b:243 (United States)

ASN6939 (HURRICANE, US)

apikeys.civiccomputing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 123	328 KB
18	maxi-malins.com maxi-malins.com	691 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	70 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	126 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 158	73 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 61 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	civiccomputing.com cc.cdn.civiccomputing.com — Cisco Umbrella Rank: 15476 apikeys.civiccomputing.com — Cisco Umbrella Rank: 15214	77 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	85 KB
2	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 24810	2 KB
2	tousmalins.com 1 redirects r.fid4.tousmalins.com lk.tousmalins.com	2 KB
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 30502	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 749	647 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	347 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	67 KB
1	sendinblue.com in-automate.sendinblue.com — Cisco Umbrella Rank: 26256	203 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1052	5 KB
73	17

	Domain	Requested by
18	maxi-malins.com	r.fid4.tousmalins.com maxi-malins.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	maxi-malins.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	maxi-malins.com googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	maxi-malins.com cdnjs.cloudflare.com
2	sibautomation.com	r.fid4.tousmalins.com static.cloudflareinsights.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	apikeys.civiccomputing.com	cc.cdn.civiccomputing.com
1	cc.cdn.civiccomputing.com	maxi-malins.com
1	www.googletagmanager.com	maxi-malins.com
1	lk.tousmalins.com	1 redirects
1	in-automate.sendinblue.com	sibautomation.com
1	static.cloudflareinsights.com	sibautomation.com
1	r.fid4.tousmalins.com
73	22

This site contains links to these domains. Also see Links.

Domain
www.civicuk.com

Subject Issuer	Validity	Valid
r.fid4.tousmalins.com R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
sendinblue.com Cloudflare Inc ECC CA-3	`2021-09-29` - `2022-09-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.cdn.civiccomputing.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
apikeys.civiccomputing.com R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Frame ID: 810B344A7DD2531529CA3C2C24F27567
Requests: 36 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2080810
Frame ID: E33A91E1E655531527B82B3C50B7C322
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/zrt_lookup.html
Frame ID: 167EB24587CC3EE915BC5EE43856B392
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1651068948&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948673&bpp=2&bdt=358&idt=186&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5292998644805&frm=20&pv=2&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: D7F99E32018C848D4C2CF736FBF9C5AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948675&bpp=3&bdt=360&idt=203&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=udhB4pBixJ&p=https%3A//maxi-malins.com&dtd=209
Frame ID: EFFA77F9E92F5F64196420DC26BE0927
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948678&bpp=1&bdt=364&idt=213&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wF8pP9XtoE&p=https%3A//maxi-malins.com&dtd=217
Frame ID: C976305DBEB1EB6E9263EFFD35300D65
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: DCCFE6CFABF185CEB12AD3D950901D69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 46DC103DD71F1CA87B46401BC72A2699
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7640D5696BEEEEBDD206F28B0407D6A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA4B2F4FFE96E905357B8AF4F4FE65C6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Maxi MalinsCookie Control Close IconExternal Link IconExternal Link IconCookie Control

Page URL History Show full URLs

https://r.fid4.tousmalins.com/tr/cl/h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37... Page URL
https://lk.tousmalins.com/tk/v1/I0let52jlF/U2FsdGVkX19d3NPTUYXG7lx8ZzKV5NnJ95cmBL8N46E%2F8M0gRqOGXi2qp... HTTP 302
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaig... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

CIVIC (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cc\.cdn\.civiccomputing\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

73
Requests

99 %
HTTPS

86 %
IPv6

17
Domains

22
Subdomains

22
IPs

4
Countries

1531 kB
Transfer

3163 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.civicuk.com/cookie-control
Title: About this tool(Opens in a new window)External Link Icon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r.fid4.tousmalins.com/tr/cl/h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37lCoGle91Go2k9B6N1UghKhxITqmQ02UHz4MIOK3h49Uf4u_xqp-dEqlrdiPWBquiKyl7leVEqNtCxo3aKz6yLRH9glLCg4S4l1Bqf8AdL4vyYkhM1zTh9GKjMyc2HBBT4omqHa-XFcuDL8brGeHjwXmpUXYeNQeJRSQdHiNUG0doXUEF_rkTpz_Z7k_4fAaWxPa4MMOFvnqOSdLCjlwdoyZ3cQK1wKl19_eUo76pp9GOtGODZwLyQl7IJiANOdc3bmFp46n12NCIHDoHhfjtWzTEtLa2T3aGC5f35Rsf7BlhlROBWKE7kbfV3cqIYM-AmIKcsCC0ut_JmC96wbVTWk5g8uC0uhSrRgtZXVdzKAZJAOj4j8RfXmo9GipjVwaaOm8Fr26kRCd7EP4F-hBrmgyHfzg_27y86xtuO5E3DNf-cT0Yxq_Mbc0jw8-I2GwFlhabkWIv3Hbgt9CL-Gyz-KmjWzOcY Page URL
https://lk.tousmalins.com/tk/v1/I0let52jlF/U2FsdGVkX19d3NPTUYXG7lx8ZzKV5NnJ95cmBL8N46E%2F8M0gRqOGXi2qpljFwgU9MtXBFhdY9x%2B%2FRda385SqBZzw%2Bv09P%2BwwNFxTjNOH1SyjKJVOH5QeEzAEXbCWnb6Q%2FHRwWpKp%2F6p105BIjNble0kpmi0q31bhb9fsvAw4B8uVHErXZJ8l0ttxqG4pERpK HTTP 302
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37lCoGle91Go2k9B6N1UghKhxITqmQ02UHz4MIOK3h49Uf4u_xqp-dEqlrdiPWBquiKyl7leVEqNtCxo3aKz6yLRH9glLCg4S4l1Bqf8AdL4vyYkhM1zTh9GKjMyc2HBB... Show response
r.fid4.tousmalins.com/tr/cl/ 1 KB
1 KB 141ms
75ms Document
text/html 185.107.232.127
SENDINBLUE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://r.fid4.tousmalins.com/tr/cl/h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37lCoGle91Go2k9B6N1UghKhxITqmQ02UHz4MIOK3h49Uf4u_xqp-dEqlrdiPWBquiKyl7leVEqNtCxo3aKz6yLRH9glLCg4S4l1Bqf8AdL4vyYkhM1zTh9GKjMyc2HBBT4omqHa-XFcuDL8brGeHjwXmpUXYeNQeJRSQdHiNUG0doXUEF_rkTpz_Z7k_4fAaWxPa4MMOFvnqOSdLCjlwdoyZ3cQK1wKl19_eUo76pp9GOtGODZwLyQl7IJiANOdc3bmFp46n12NCIHDoHhfjtWzTEtLa2T3aGC5f35Rsf7BlhlROBWKE7kbfV3cqIYM-AmIKcsCC0ut_JmC96wbVTWk5g8uC0uhSrRgtZXVdzKAZJAOj4j8RfXmo9GipjVwaaOm8Fr26kRCd7EP4F-hBrmgyHfzg_27y86xtuO5E3DNf-cT0Yxq_Mbc0jw8-I2GwFlhabkWIv3Hbgt9CL-Gyz-KmjWzOcY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.107.232.127 , France, ASN200484 (SENDINBLUE-ASN, FR),

Reverse DNS

Software

Resource Hash

bde2421cd765d1ac820f31ffd4bffd91e3701d91ac4c429baeb66ed02435c7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-length: 1306
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 14:15:47 GMT
x-content-type-options: nosniff
x-sib-server: red1.dc3.51b.tech
x-xss-protection: 1

GET
H2 200 cm.html Show response
sibautomation.com/ Frame E33A 3 KB
2 KB 83ms
32ms Document
text/html 2606:4700:4400::6812:2291
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cm.html?id=2080810

Requested by

Host: r.fid4.tousmalins.com
URL: https://r.fid4.tousmalins.com/tr/cl/h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37lCoGle91Go2k9B6N1UghKhxITqmQ02UHz4MIOK3h49Uf4u_xqp-dEqlrdiPWBquiKyl7leVEqNtCxo3aKz6yLRH9glLCg4S4l1Bqf8AdL4vyYkhM1zTh9GKjMyc2HBBT4omqHa-XFcuDL8brGeHjwXmpUXYeNQeJRSQdHiNUG0doXUEF_rkTpz_Z7k_4fAaWxPa4MMOFvnqOSdLCjlwdoyZ3cQK1wKl19_eUo76pp9GOtGODZwLyQl7IJiANOdc3bmFp46n12NCIHDoHhfjtWzTEtLa2T3aGC5f35Rsf7BlhlROBWKE7kbfV3cqIYM-AmIKcsCC0ut_JmC96wbVTWk5g8uC0uhSrRgtZXVdzKAZJAOj4j8RfXmo9GipjVwaaOm8Fr26kRCd7EP4F-hBrmgyHfzg_27y86xtuO5E3DNf-cT0Yxq_Mbc0jw8-I2GwFlhabkWIv3Hbgt9CL-Gyz-KmjWzOcY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2291 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

af716dc586d0fd7f0cd1238d762db655458a6a997031c645521c6edaaaa59378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://r.fid4.tousmalins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
age: 3877
cache-control: public, max-age=7200
cf-apo-via: origin,host
cf-cache-status: HIT
cf-ray: 70282c19ceab99d9-CDG
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 14:15:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 27 Apr 2022 16:15:47 GMT
last-modified: Wed, 27 Apr 2022 13:11:10 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Sails <sailsjs.com>
x-sib-server: SENDINBLUE-web1-2
x-xss-protection: 1

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame E33A 14 KB
5 KB 130ms
68ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2080810
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://sibautomation.com/
Origin: https://sibautomation.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:47 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 70282c1aab8132c5-CDG

GET
H2 204 cm
in-automate.sendinblue.com/ Frame E33A 0
203 B 136ms
76ms XHR
text/plain 2606:4700::6811:90c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.sendinblue.com/cm?uuid=f5cdcf02-28ef-4c36-bf4d-648648146f2a&key=lf0i5bwl6wymorl9vwyij&trans=1&message_id=9079d07f-57f5-47f4-8e37-fc3995b3ba20
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2080810
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
cf-apo-via: origin,host
cf-ray: 70282c1ab96f0847-CDG

GET
H2

200

Primary Request / Show response
maxi-malins.com/jeu-100-gagnant/
Redirect Chain

https://lk.tousmalins.com/tk/v1/I0let52jlF/U2FsdGVkX19d3NPTUYXG7lx8ZzKV5NnJ95cmBL8N46E%2F8M0gRqOGXi2qpljFwgU9MtXBFhdY9x%2B%2FRda385SqBZzw%2Bv09P%2BwwNFxTjNOH1SyjKJVOH5QeEzAEXbCWnb6Q%2FHRwWpKp%2F6p1...
https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

60 KB
13 KB

467ms
405ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Requested by: Host: r.fid4.tousmalins.com
URL: https://r.fid4.tousmalins.com/tr/cl/h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37lCoGle91Go2k9B6N1UghKhxITqmQ02UHz4MIOK3h49Uf4u_xqp-dEqlrdiPWBquiKyl7leVEqNtCxo3aKz6yLRH9glLCg4S4l1Bqf8AdL4vyYkhM1zTh9GKjMyc2HBBT4omqHa-XFcuDL8brGeHjwXmpUXYeNQeJRSQdHiNUG0doXUEF_rkTpz_Z7k_4fAaWxPa4MMOFvnqOSdLCjlwdoyZ3cQK1wKl19_eUo76pp9GOtGODZwLyQl7IJiANOdc3bmFp46n12NCIHDoHhfjtWzTEtLa2T3aGC5f35Rsf7BlhlROBWKE7kbfV3cqIYM-AmIKcsCC0ut_JmC96wbVTWk5g8uC0uhSrRgtZXVdzKAZJAOj4j8RfXmo9GipjVwaaOm8Fr26kRCd7EP4F-hBrmgyHfzg_27y86xtuO5E3DNf-cT0Yxq_Mbc0jw8-I2GwFlhabkWIv3Hbgt9CL-Gyz-KmjWzOcY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d5daeccc5bd9c243a2d1008fefd018b059fba083644e686f89f87851d9d5703

Request headers

Referer: https://r.fid4.tousmalins.com/tr/cl/h5fqY8WRChZXqT_NI1Ksj9ISJOaba-U6uBD3q8bs6grWXMCmDZMF2lw_Rn3NcscB1D9K37lCoGle91Go2k9B6N1UghKhxITqmQ02UHz4MIOK3h49Uf4u_xqp-dEqlrdiPWBquiKyl7leVEqNtCxo3aKz6yLRH9glLCg4S4l1Bqf8AdL4vyYkhM1zTh9GKjMyc2HBBT4omqHa-XFcuDL8brGeHjwXmpUXYeNQeJRSQdHiNUG0doXUEF_rkTpz_Z7k_4fAaWxPa4MMOFvnqOSdLCjlwdoyZ3cQK1wKl19_eUo76pp9GOtGODZwLyQl7IJiANOdc3bmFp46n12NCIHDoHhfjtWzTEtLa2T3aGC5f35Rsf7BlhlROBWKE7kbfV3cqIYM-AmIKcsCC0ut_JmC96wbVTWk5g8uC0uhSrRgtZXVdzKAZJAOj4j8RfXmo9GipjVwaaOm8Fr26kRCd7EP4F-hBrmgyHfzg_27y86xtuO5E3DNf-cT0Yxq_Mbc0jw8-I2GwFlhabkWIv3Hbgt9CL-Gyz-KmjWzOcY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 70282c1c681cedff-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 14:15:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://maxi-malins.com/wp-json/>; rel="https://api.w.org/", <https://maxi-malins.com/wp-json/wp/v2/pages/1008900>; rel="alternate"; type="application/json", <https://maxi-malins.com/?p=1008900>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hF1donfy3v4O2MPXGmbOUBoy53IhvE9xRksMdeOHKeN0QC4SkPW4dUt7G4iml%2FS8mg1OI4g4CZUG6kc%2BI8BPNTZg7ze%2FXvJj7IVwVVXJbUuMlDfo9I9qC5tkJdafIcTp6McXiUr7eNHhm45Gns0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

apigw-requestid: RPlzHhlVjoEEPKw=
content-length: 296
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 14:15:47 GMT
location: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
vary: Accept
x-powered-by: Express

POST
H2 200 rum
sibautomation.com/cdn-cgi/ Frame E33A 0
58 B 30ms
29ms XHR
text/plain 2606:4700:4400::6812:2291
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2291 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sibautomation.com/cm.html?id=2080810
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Apr 2022 14:15:47 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 70282c1b498399d9-CDG
x-frame-options: DENY

POST rum
sibautomation.com/cdn-cgi/ Frame E33A 0
0

GET
H2 200 style.min.css
maxi-malins.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 37ms
34ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 20:31:15 GMT
server: cloudflare
age: 3207
etag: W/"145db-5dbee205c7976"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fj5WjeWzHph9cj4XnHU5LrI3LOO9smuN7kxdSk9q2m0OPZh8FpkpZgeouiNtCwzg4dYM7ZY9FuQL5tp5%2BLwa1iHiV1dbjGJBdjsJ5v7kzwWsab46IQYXjfuaQk8kYEeC2Yk39So1f9iJqkfklWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c1f2b74edff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dashicons.min.css
maxi-malins.com/wp-includes/css/ 58 KB
35 KB 42ms
40ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-includes/css/dashicons.min.css?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 May 2021 08:47:37 GMT
server: cloudflare
age: 3207
etag: W/"e688-5c2464bc05726"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwRM4I%2FG6tdfWCAjxlmqQLav9%2BgZqfGIR3tQ4qmYRBV2VdGghbKzPdZ09%2FaelKf2AxMB7FY5HoL3ORND1efG%2FEKb574P2xCTBpjHVrkwzJrv3F9Nl2Gtv6kUQBfE5UfiazUwvrH8spFrcUhFS5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c1f2b77edff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend.css
maxi-malins.com/wp-content/plugins/post-views-counter/css/ 289 B
489 B 38ms
36ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 04:07:27 GMT
server: cloudflare
age: 3207
etag: W/"121-5d78df8be52a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkQusxs6GLPX0Kv8zNFclaJzuMhZ8iNEhTSh5DRFY9FfIxdCikFezF3%2BgbDTw0OmXYgPywtJ1R%2B24ZilC79zd2ya%2F3tIjGIpA2u%2BX0zkv6lbi5Mg4cGQRGrtkbtPMqq9WPog3bATiB6RUy%2BkM90%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c1f2b78edff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
maxi-malins.com/wp-content/themes/maximalins/ 341 B
478 B 39ms
38ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/maximalins/style.css?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814656c609fa94f84c2c4deea3ab2d41c3794927867d34b2751b9f2802779122

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 16:48:01 GMT
server: cloudflare
age: 3207
etag: W/"155-5b9d06ae8db81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HIEZQKlFwdJqdpcPO72oAdcEobV0gaEOCnS07ctRzcsTB0cD2T%2BcWGJ4ozzGWkJTrE58WMs%2BPWLxXUftNsXbhqBdHLaTW7Fa%2FSKdH6zXocK7ChjQTyPUtGyKdMbHAE2qLg9S8zy1p28CkLxxqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c1f2b7aedff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 55 KB
10 KB 98ms
38ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.9.3

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1856643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9939
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-da9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ixozrbdmy%2FBl8y3NiamdP4hpDGSuxj%2B4kTzdd6d3fI952CV%2B%2BATvYdpD5KH7jXpkAuAKkP1IP%2Fol3CxxHjm0fRlI9ygAYOAdIkbxGV0bq7BgT%2Fj%2BE2t6t%2Flm9X9g89aR3eTghoBxv93f%2BA44LThBSBig"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70282c1f8ea140d5-CDG
expires: Mon, 17 Apr 2023 14:15:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 108ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.9.3

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 13:49:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 14:15:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 14:15:48 GMT

GET
H2 200 rose.css
maxi-malins.com/wp-content/themes/deux-trente-theme/dist/ 174 KB
28 KB 66ms
65ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/dist/rose.css?ver=2022-04-27
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5074086342f5b23b2dfdcddf05f6e40f4fe0a6ee1cbfe0efaaa971e0563e3ec4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:45 GMT
server: cloudflare
age: 797
etag: W/"2b699-5dd90357091e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ns%2BDclTS6OqvZGIGk1OyJZhuaqwKtgrHFqrrP9R1VM5JsQ31%2B7je3eWN0yvtT%2BJebx3xk083VQljSJhpLXcfrCvCJFy6wPDJGpFkpCDjjK7iloz67TybRdji7r2WPustCKj5FDxHykTsoCaDMPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c1f3b7cedff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.min.js Show response
maxi-malins.com/wp-content/themes/deux-trente-theme/dist/ 263 KB
82 KB 51ms
50ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/dist/app.min.js?ver=2022-04-27
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55c20ab6f813c37af408127ac5f12ff420fcf01a1c4d5081eea2844d8761dec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:45 GMT
server: cloudflare
age: 797
etag: W/"41bc9-5dd90357091e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSJgvKwmOGejoaojJnNCNx%2Fjt1NeGvpxudfCc3wHzpFv2vGFGXwGrBRvTs6mxRnanqQ0kw37CoybK%2B6DoFejU%2B8Jwcdx56K9XmwgAzgnj%2F1smcCkLtjjyPMjuRXdawEl8kNUhaelVDrFzlVBPtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c1f3b7dedff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
67 KB 108ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T2MYSRZFQD

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7e43262c11bb9585d10b51a643fbee854d8dd95592b16d4ca560dc8bc84edbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67747
x-xss-protection: 0
expires: Wed, 27 Apr 2022 14:15:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
55 KB 120ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b385878fa26e44660f882d703949975dceac27a7c5aff1ef041b9bc41136dc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56237
x-xss-protection: 0
server: cafe
etag: 12186358126865586504
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:15:48 GMT

GET
H3 200 Logo-Maxi-Malins.png
maxi-malins.com/wp-content/uploads/2020/06/ 74 KB
74 KB 33ms
32ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2020/06/Logo-Maxi-Malins.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d313a1ead3467f225032ba25f279d016f27cf3fec38b0696f1c996124be27ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3207
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75489
last-modified: Tue, 30 Jun 2020 09:22:46 GMT
server: cloudflare
etag: "126e1-5a949b7e332c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyNDGtNnPnVO6w%2FDjp8hxtM1ncopa%2FEBgTlEhGl7LpvtaJb%2FbUQADBxemKjh1IS1ZF85rUhTBAl4RuAr6qnj0jJyn5J7BnhUofNd8nzhFtaOexV40fqljKJG1eqrSsHFUgRRl3g8OpYIbPEtqv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282c200e45cd8f-CDG

GET
H3 200 Ce-ebook-GRATUIT-.jpg
maxi-malins.com/wp-content/uploads/2020/11/ 35 KB
35 KB 108ms
106ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2020/11/Ce-ebook-GRATUIT-.jpg
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870b20a6ea759c00a27f8433bcff0413972ed9c17251a9d2bca11a2052671ce2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35534
last-modified: Tue, 17 Nov 2020 14:29:55 GMT
server: cloudflare
etag: "8ace-5b44e5421df6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GW80MR5tvCHRmJJWAu%2BKTi4ak1hQkDtHn%2FtwMZwWHhZerhbzqlidmiOfF8GBvh%2BFFHn3BxqOebe1JC5cdYBFLoYHoqvljpJLWoH2cnj9Z7ngxj2lxhFGxADP1%2BJyHNquPUmCT4oh%2FdwWl5NOzGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282c200e47cd8f-CDG

GET
H3 200 lampe-maison-berger-parfum-recharge-lolita-lempicka-a-gagner-jeu-concours-facebook-maison-berger-france-300x300.png
maxi-malins.com/wp-content/uploads/2022/04/ 125 KB
125 KB 82ms
81ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2022/04/lampe-maison-berger-parfum-recharge-lolita-lempicka-a-gagner-jeu-concours-facebook-maison-berger-france-300x300.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5dbfe54bd0cb819c9635229dfb3bd089a0167038d32c41e2e8f59af6df346a8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127641
last-modified: Tue, 26 Apr 2022 13:46:13 GMT
server: cloudflare
etag: "1f299-5dd8eea88372e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw1b4njBb2TpoXzqs1xDCmolon3WYx%2FuSpk%2B7QSqjWfp2EVxIHJlw4KOpGz0AS%2FRXc%2FSM3Zz0VF%2BdcCeHDsveBQnrfLC4MH%2B3VRsf8kk0CmzlNb3hbNhEUWjbfiGwuACXkcpJMKDayK%2FpbBmSWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282c200e49cd8f-CDG

GET
H3 200 produit-beaute-gratuit-a-tester-shampooing-reequilibrant-masque-poudre-galanga-klorane-test-sampleo-300x300.png
maxi-malins.com/wp-content/uploads/2022/04/ 124 KB
125 KB 37ms
36ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2022/04/produit-beaute-gratuit-a-tester-shampooing-reequilibrant-masque-poudre-galanga-klorane-test-sampleo-300x300.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe36a4cec90ca1d4c554141d7ad01acb5567f3d7ee09030b05930d987853c38a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127063
last-modified: Tue, 26 Apr 2022 13:32:02 GMT
server: cloudflare
etag: "1f057-5dd8eb7d53b3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xvt4ObtXXbsSPoSq79ktpl0YRwcaTL6fYz9vbj9XBahAeI4XGtQRyWZd9vVYvA%2FoJqu%2B9fq%2F8LlavFzqVArLO%2B0lKDkPrv%2BvmcAA0BMZFJJLGy%2F%2Bh9d0dyhz5JQ%2Bz88PYa2HiD44z3fZ67t0Sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282c200e4bcd8f-CDG

GET
H3 200 sejour-copenhague-danemark-carte-cadeau-jules-a-gagner-jeu-concours-jules-300x300.png
maxi-malins.com/wp-content/uploads/2022/04/ 147 KB
147 KB 178ms
176ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2022/04/sejour-copenhague-danemark-carte-cadeau-jules-a-gagner-jeu-concours-jules-300x300.png
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118fe612a0ad8a65ecdcc18763e92d7b9d6ee03cb40e4a6c0c684ff8f3ffe75c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150112
last-modified: Tue, 26 Apr 2022 13:31:49 GMT
server: cloudflare
etag: "24a60-5dd8eb7047e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bts7yXufTRtZb7tjNaOkyvKgqapBiObAZ9cuJCzsMu0xJ3IA8PYXjp1xQ94%2FG3Fr1YXyXg2I8ZjJV2soel1MYcyrrpDUjH0OKyG%2FCEfn5KjiiSQlWSRt3wrRJNbqC%2Frq7KEOyyI373m1hwZWFNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282c200e4dcd8f-CDG

GET
H2 200 cookieControl-9.5.1.min.js Show response
cc.cdn.civiccomputing.com/9/ 285 KB
76 KB 73ms
23ms Script
application/javascript 2600:9000:20eb:7a00:e:3706:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cc.cdn.civiccomputing.com/9/cookieControl-9.5.1.min.js?ver=5.9.3

Requested by

Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:7a00:e:3706:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f9965505920b2915bf1f23a2421aa5f83bfb72105eb88917ea1d549abee0192d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 13:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022
x-cache: Hit from cloudfront
x-xss-protection: 1
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jan 2022 09:48:02 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "47585-5d573950dedf1-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: jf_V7lVjwkvc_5vbApz8rPRwF1F4xHAE4jbgGqC7xxyBRY-v7K2Qpw==
expires: Wed, 04 May 2022 13:58:46 GMT

GET
H3 200 script.js Show response
maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/ 3 KB
1 KB 35ms
35ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/script.js?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 579a39f846237311777c90589bfdb1066199a133625a3478e45ac30bb589bd0d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 05:15:00 GMT
server: cloudflare
age: 3207
etag: W/"aee-5bd27bfad32a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFfNqVELQ1rzgLrbefl3iUTKEyxUrETnipAn5e9aeToo0B%2FW7%2BTYaQX2JjWLDcyNIjVzq5pftTkHRyh%2FStJqmIBAxvCroYA3ZN1ArIHIzNuGJ7CP5NWyHk0a26ReH%2FGYSIf8SAktMqIwNuNv8fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c1fee12cd8f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scriptcoreg.js Show response
maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/ 3 KB
2 KB 107ms
107ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/scriptcoreg.js?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a4dc963bd4406c8bb45484d3ca07fce78d8f992c0b964f3af7354ef7bb254a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 05:15:00 GMT
server: cloudflare
age: 3207
etag: W/"ded-5bd27bfab8cc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2gvpdlTRhbpl1hzqsFUaNIiu6bIOBBnylagQTjIy7SEtsIRHnGHjricw9WZsfyVHnEG6S0ZB4kp%2BJ8Vnc%2FIPE3B82ztfB4lu%2BwET0wyNR8McyLSPIvcoT33hktw96DDb1htsrlwWz7UvI7nIcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c200e3acd8f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 navigation.js Show response
maxi-malins.com/wp-content/themes/deux-trente-theme/js/ 3 KB
2 KB 108ms
106ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/js/navigation.js?ver=20151215
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:44 GMT
server: cloudflare
age: 3207
etag: W/"b97-5dd90356e1146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l6KXDXLxJZ8y7zdpLa2%2F4zc5xmzS8ssEgacndXzaZ9T4P2dbPg4pwrq8QTdvhMXL8u7su8Tb%2B%2BhdwfFq9uVrqXJ7l5AbOR46XsHR2zms3zqDsaPN5wM0rcFLpKQYkfLbvCuM4GHMvJy3Ei0SxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c200e41cd8f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js Show response
maxi-malins.com/wp-content/themes/deux-trente-theme/js/ 685 B
924 B 32ms
31ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-content/themes/deux-trente-theme/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Apr 2022 15:18:44 GMT
server: cloudflare
age: 3207
etag: W/"2ad-5dd90356e1146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryMOrYEPn%2FDc8R2hFyyyUivN%2BCgXb3KLNvWjg3RClCM7M7kS9wRW4iNwo1OJDGl9zDVZYSvEQVdjVjg7CFIs9huvTb0ZXECotlPWvJqSDp68blQOVawZzkJcPTjdrrFeC0%2Fu7lGhlqZ2m5mI6V8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c200e43cd8f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
maxi-malins.com/wp-includes/js/ 18 KB
5 KB 190ms
189ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxi-malins.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 11:06:09 GMT
server: cloudflare
age: 2952
etag: W/"4705-5d35586ba54ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJce%2BxR5PDvM3FknViZFpU1lFwEWcCtz9HX%2FJyWjSHS8ixq2V61EzugQI0jNWxNJXJU3f06h0nESUcC0BEcrWPljeotBsrLsWtLNhPNY1x1USbC%2FhnCQDAhcsjOfoYb5t5FyG7I0Ax6MXOKma5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70282c200e4ecd8f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 93ms
29ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 76059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:08:09 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 74 KB
74 KB 61ms
33ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.9.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.9.3
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1856635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-126b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOFVVKpQr9p1g1JZ1eC3X5H52al3MfkdjgT%2FRI98qAu64FYuleRBrjdz8d6EqxDWog8OCi7JxmuZI2W%2Fbdi%2BTUFhuudqYdIBdZevQgxyEm%2Fda94JNpLwqq5HI8c4EDttkdEByMafpeUh4%2FiKxgLyaPPN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70282c203bc03aab-CDG
expires: Mon, 17 Apr 2023 14:15:48 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 100ms
56ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://maxi-malins.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 76059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:08:09 GMT

GET
H3 200 Sans-titre-29-150x150.jpg
maxi-malins.com/wp-content/uploads/2020/10/ 3 KB
3 KB 110ms
109ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-malins.com/wp-content/uploads/2020/10/Sans-titre-29-150x150.jpg
Requested by: Host: maxi-malins.com
URL: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fce91440faa35dfe27f50bad5c58565f60b2838d3bae9d5027820ce3142f8a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/jeu-100-gagnant/?utm_source=NL100Gagnant&utm_medium=NL100Gagnant&utm_campaign=jeux_100_gagnant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2996
last-modified: Wed, 07 Oct 2020 14:52:30 GMT
server: cloudflare
etag: "bb4-5b115dd669d6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDiTWExjs4Bf8gsFUfd5TIZBp%2F2a3bEv9H36WVwqk6iz6EPjb9KNQkpfYMy%2BllJk0BE%2B4Zj3LReCehmgEkVqjwXZ3%2F%2F2ppwD3vJx1qDE6KL5nMRE%2F53b%2BBhh0P6iqEOES7Eutu0fGNWyD16xILg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70282c208eebcd8f-CDG

GET
H/1.1 200
OK v Show response
apikeys.civiccomputing.com/c/ 144 B
650 B 266ms
61ms XHR
application/json 2001:470:6e0a::1b:243
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://apikeys.civiccomputing.com/c/v?d=maxi-malins.com&p=CookieControl%20Free&v=9&k=28d4008103494050a67ed420350e9553f883735b&format=json

Requested by

Host: cc.cdn.civiccomputing.com
URL: https://cc.cdn.civiccomputing.com/9/cookieControl-9.5.1.min.js?ver=5.9.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:470:6e0a::1b:243 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

Apache /

Resource Hash

94d49d4992f768e9f774948202ad3991571e8329dcec5353ac34f5af29ec278e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: application/json, text/plain, */*
Referer: https://maxi-malins.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-apikeys: hit
date: Wed, 27 Apr 2022 14:15:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
vary: X-Forwarded-Protocol
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1
cache-control: max-age=7200, private
transfer-encoding: chunked
access-control-allow-headers: origin, x-requested-with, content-type
x-content-type-options: nosniff
expires: Wed, 27 Apr 2022 14:36:51 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/ 308 KB
110 KB 115ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5460478803852549&plah=maxi-malins.com&bust=31067267

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b192a61785b62e49a8c4c650682de1c6c187aa01b9b5206331189f77afb5388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112817
x-xss-protection: 0
server: cafe
etag: 2024204143686075491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:15:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/ Frame 167E 10 KB
5 KB 92ms
27ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 75609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 17:15:39 GMT
etag: 3347421328414474149
expires: Tue, 10 May 2022 17:15:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
347 B 135ms
35ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T2MYSRZFQD&gtm=2oe4p0&_p=806856652&_z=ccd.NbB&cid=694938058.1651068949&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1651068948&sct=1&seg=0&dl=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&dr=https%3A%2F%2Fr.fid4.tousmalins.com%2F&dt=Maxi%20Malins&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T2MYSRZFQD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 14:15:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://maxi-malins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 102ms
38ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=maxi-malins.com&callback=_gfp_s_&client=ca-pub-5460478803852549

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5460478803852549&plah=maxi-malins.com&bust=31067267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9e0ac10cac16dc620f9ec0230af082274e8cafec36cb79ccff06f5ab3d3e35a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 102ms
37ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=maxi-malins.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 103ms
39ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=maxi-malins.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7F9 0
188 B 78ms
78ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1651068948&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948673&bpp=2&bdt=358&idt=186&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5292998644805&frm=20&pv=2&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:48 GMT
expires: Wed, 27 Apr 2022 14:15:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EFFA 97 KB
33 KB 736ms
735ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948675&bpp=3&bdt=360&idt=203&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=udhB4pBixJ&p=https%3A//maxi-malins.com&dtd=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4684ebf732ca546adfe10fc2f7ada90ef3113dd8ccedeaeec327a3275b32d692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:49 GMT
expires: Wed, 27 Apr 2022 14:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C976 95 KB
33 KB 763ms
762ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948678&bpp=1&bdt=364&idt=213&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wF8pP9XtoE&p=https%3A//maxi-malins.com&dtd=217

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9b94ad20115cb31136655ea3f30e5420a148fff700eff5ddb09c911008b66d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:49 GMT
expires: Wed, 27 Apr 2022 14:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame EFFA 8 KB
892 B 97ms
39ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948675&bpp=3&bdt=360&idt=203&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=udhB4pBixJ&p=https%3A//maxi-malins.com&dtd=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 13:48:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 14:15:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 14:15:49 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame EFFA 2 KB
984 B 126ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:13:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/ Frame EFFA 19 KB
8 KB 96ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:10:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame EFFA 3 KB
1 KB 151ms
94ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 13:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 13:53:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFFA 119 KB
37 KB 492ms
426ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 14:15:50 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame EFFA 15 KB
6 KB 98ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:13:56 GMT

GET
H2 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame EFFA 30 KB
13 KB 95ms
31ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 23:28:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 09:17:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EFFA 0
0 131ms
72ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3Pc2FFBpYtScOITwtgfPt7pYq_OH3Gns8bOFqw-yw9ChjA4QASD6j798YPsBoAHcr9K9AsgBCagDAcgDywSqBOgBT9De-J2zpazspOe5r-pftssMTJCzVGAdEJUDG83rmzlDLGg4olowMBkumcwYNHyfFl_7VoPYWsdjwGc2_eGd3JrBr55zIxEpyuludlEYGUoyxsvHSFLMX3uoxHppTy2if3CXjrnCRgg1pKcpfJsf1gGW-IT5tLFwAfu5ZwdWc4M-EgxQb2VlAm5dGvc1qyF9C_eV-DETsWm7uNaUiHQofqeX8CfM0Ys5A_WNPv6Coc9thkCLKZSWJD7OCklmqoG29pwX1PkiaYpIBVXSkUMHbYtt6qlFVV3MUhf7n7kn-PBUGZcvt2-IbsAEkuqI39gDkgUECAQYAZIFBAgFGASgBi6AB-uJ6PQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQndalA9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTQ2MDQ3ODgwMzg1MjU0ORgA&sigh=yAW7yyPyHh0&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=9321156940&adk=4011229509&adf=4128986728&pi=t.ma~as.9321156940&w=1110&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948675&bpp=3&bdt=360&idt=203&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=udhB4pBixJ&p=https%3A//maxi-malins.com&dtd=209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Apr 2022 14:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Apr 2022 14:15:49 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7646780825183979807/ Frame EFFA 42 KB
43 KB 106ms
61ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7646780825183979807/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7206175ee6eff1d58528293ae6fa578cee589b0ce8054c962c3f86e844c97d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 23:18:23 GMT
x-content-type-options: nosniff
age: 572246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43323
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 14:18:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Apr 2023 23:18:23 GMT

GET
DATA 200
OK truncated
/ Frame EFFA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EFFA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame C976 8 KB
892 B 59ms
38ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948678&bpp=1&bdt=364&idt=213&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wF8pP9XtoE&p=https%3A//maxi-malins.com&dtd=217

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 13:44:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 14:15:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 14:15:49 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame C976 2 KB
938 B 93ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:13:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/ Frame C976 19 KB
8 KB 69ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:10:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame C976 3 KB
1 KB 122ms
94ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 13:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 13:53:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C976 119 KB
36 KB 493ms
460ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 14:15:50 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame C976 15 KB
6 KB 87ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 14:13:56 GMT

GET
H2 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame C976 30 KB
12 KB 69ms
34ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 23:28:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 09:17:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C976 0
0 102ms
71ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXYZDFFBpYpT4OJC2tweB87yIB-uVyZtmmdCnuccOxcjYksErEAEg-o-_fGD7AaAB7YfnwgPIAQmpAg6rYzrJy7E-qAMByAPLBKoE6QFP0EyNSj98FaIx4ExlFg7N1ZCNyRzghvxY0qWweq90PPZ0H-Zw-YjTmut3yUk2lAEle4bjTr_f2ejbu4FkaBlBt8O2GPcKbq3kUDOR_Kj2GhTRlAFVzUy4xbFACxjqxXnboK7nQ5bIzEL4PbXMAZt0nFlWNarp7VKwfyNE-TVYO2SBlcmqQXyg04RZyZbMdKQPLHaUFIKDXad2E-2ljbLj-dczmK2GGKem8BO6IOwRgTjdePpeuROMcve9KLiYDMGeGzXMgUdwfDZx_LNl2ruh4nBSII5qSqM8HF0D_TMVb7szEsLh9wbdpsAEw5Hbi9oDkgUECAQYAZIFBAgFGASgBi6AB9LHuTCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRDc5KwC0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUBtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NDYwNDc4ODAzODUyNTQ5GAA&sigh=rXlVUVigXX8&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=5254258732&adk=3683134053&adf=3011848915&pi=t.ma~as.5254258732&w=1108&fwrn=4&fwrnh=100&lmt=1651068948&rafmt=1&psa=0&format=1108x280&url=https%3A%2F%2Fmaxi-malins.com%2Fjeu-100-gagnant%2F%3Futm_source%3DNL100Gagnant%26utm_medium%3DNL100Gagnant%26utm_campaign%3Djeux_100_gagnant&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651068948678&bpp=1&bdt=364&idt=213&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5292998644805&frm=20&pv=1&ga_vid=694938058.1651068949&ga_sid=1651068949&ga_hid=806856652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067267&oid=2&pvsid=1571010222726294&pem=54&tmod=1361195367&uas=0&nvt=1&ref=https%3A%2F%2Fr.fid4.tousmalins.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=wF8pP9XtoE&p=https%3A//maxi-malins.com&dtd=217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Apr 2022 14:15:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Apr 2022 14:15:49 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6320265450243158694/ Frame C976 24 KB
24 KB 109ms
84ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6320265450243158694/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc96d9fb5d507a09417ba0f9626d792eeac0885f8a42d6fa144091f93493216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:04:06 GMT
x-content-type-options: nosniff
age: 159103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24394
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 21:59:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 18:04:06 GMT

GET
DATA 200
OK truncated
/ Frame C976 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C976 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EFFA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daaa5a0e468f08ea6bb1bf0276bac93b7c677aa20b4bbb47f92b02a0a5993301

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C976 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80e78d9277b30431358126993cb647a1c6a51ac9948aa0481fb29e06a51fe91a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame EFFA 28 KB
28 KB 85ms
28ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 57823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:12:07 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame C976 28 KB
28 KB 82ms
30ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 57823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:12:07 GMT

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame DCCF 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 17:16:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 108ms
47ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220425&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92615adced6b600f6b277ec4d65a0dda1a64e2ecb9d65cc10b1d1d24b5af3587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 14:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10431
x-xss-protection: 0

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 46DC 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 17:16:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 105ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 14:15:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7640 13 KB
5 KB 29ms
29ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 13:53:08 GMT
expires: Thu, 27 Apr 2023 13:53:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA4B 783 B
1 KB 102ms
38ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62843b3e8f3eb2ab0e6de2af9c188a825480df1bb183ceb41255195eaa8a8a34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LwweRmkoXwWrzgW1Op5fvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://maxi-malins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LwweRmkoXwWrzgW1Op5fvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 14:15:50 GMT
expires: Wed, 27 Apr 2022 14:15:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7640 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 17:16:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA4B 0
0 68ms
68ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220425&jk=1571010222726294&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7640 0
9 B 28ms
27ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ye4SsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:15:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EFFA 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvI3KhatLxvh-stnsG4u_sfA7Z6II5cxuLszj-fz-d54sO49Wy8is-u9Oi0g7iA3rq3Zr-00nGroCVWNyHYsN5ucQbZlgydaJblyeDBt467rrEfslsfpw&sai=AMfl-YRDuGkQajsAKZvVClUKwg_E12PUxMhU3G-BH1Ms7DNTcQz8Eg6Qv07ZWPlIe-VOqW8N4MkMhozZAnui&sig=Cg0ArKJSzJyH8wXbkPRQEAE&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4011229509&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651068948885&rpt=1379&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 14:15:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
79ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220425&jk=1571010222726294&bg=!EBOlE1fNAAYXWUUuN1k7ACkAdvg8WiJWNuV2w0A5ztYjfzsF5TQgWUE4Ja64A2LF9ORSm6irljHfZAIAAABOUgAAAA1oAQcKAMuAsOODKGelK-3d-JEBLHXYy1pG2e0T8z1NLwgdNHiQxjTOKROgI9Lb0ZZArbDchTiDQDtrIVOTmJL4BBeF9okvoUjpl1pCQSC5VzCUUfNcGGPpKfBp_jXEYkwdD0AxN4odzddDMZv4KpJat7uIozoab7XMDN7f63o1_U8rhcpB0I-9J_iFUqNAz1eWHVd2waLPRkDDVXsrHDxbWFOMy7bBiiYYn8vuCzSUMlaSn93yK9ljOL0tG-cAzAIzprsfBnJhxNFQGSqKtQTM7JkCm9sXcNELPCF44Fs4YikyxmA8KZgBKMF2SQl-OLr2CCv9ACfLwC0wEEBP0eJcuY6HAvc5oYNSgjrF12PzSSPPuXogAvypRzCaO3Fiegc7cIRhjwW03l_I6i3yWPjmq2zLUVid5tzFRnlAKCvEckSPjxwn1o3kHZQ9SqggsbfZu5gK8df33QhXMvnte_AZmimvIoeRB8_WfeeN5o2eZycOMShG0__RCY4IfV05LE18insmKHYYWNHFuuOvbXBK7CXFKqchTySG6-PYmvyn5xt61H9IWTmNUw351IdUpf-6E9UeaujlomlPGySLx3RuNhrEfkWOoqgQkAVRr0wyfI4oW4SULttErdM_H__hs-OdhZTwYEf4APdwX5rScYts7YbK2Gr3tIYoujIgoKs_tKiv5ZM6K-uYYx2lNc3eq5-nqU5tf7xa-HtaP-FLCqIPBav75Cz74ePy5wfdmlB9d4eatOKrfS6XIFDIK4Uqz0cUTI3agp2JyI_OBlxHdj5oFjrDur4rbCSExLmjAOvlYrH7Iya8rROkha9RcpQdwuav0qdpeN3w0RlVbEwNWsnNNtReCjm__K5eR4EUoHVWeRyE-6yWl2oOx33_u4agTw6Re00f3qNTM0W5X4Bbm04s-XxW8-lb80OOpExZL8Iy5AaaH6nHHEMwsy5x7Iu5nuSatugyUKm52cB3vaXDW6_EGQas2AoCEov8KjWv2-gG5CH7WNEGMSVxwNtFUvTcl4qyEjxok-1Q-mZt81XWSj5ucM2_Lbv_VpRH-EZI1tCa0ERbySulkppxOjw4_bssW8BCEyADZQU261SKd77X3t0Hs5hdp4SaJZdNm_A4UL4IrL9wIohgiCAhHkt7bgZ-80NnCxQm_-rxmNNJhDO2e5E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxi-malins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sibautomation.com
URL: https://sibautomation.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sibautomation.com/	1970-01-20 06:59:03	Name: uuid Value: f5cdcf02-28ef-4c36-bf4d-648648146f2a
maxi-malins.com/	1970-01-23 18:13:48	Name: dt_session Value: 88f4c47d-c634-11ec-8dfe-ac1f6b00d584
.maxi-malins.com/	1970-01-20 11:23:24	Name: CookieControl Value: {"necessaryCookies":["wordpress_","wordpress_logged_in_","CookieControl","dt_session","wordpress_*","CookieControl"],"optionalCookies":{},"statement":{"shown":true,"updated":"10/06/2021"},"consentDate":1651068948593,"consentExpiry":365,"interactedWith":true,"user":"35DAE270-28C5-496F-833F-712B99977AD9"}
.maxi-malins.com/	1970-01-20 11:59:24	Name: __gads Value: ID=ab9274cc1598fea1-228e5d9384cd00be:T=1651068948:RT=1651068948:S=ALNI_Mb3bQqGQvp0wZGw4ewcZVU-w9o1zg
.doubleclick.net/	1970-01-20 11:59:24	Name: IDE Value: AHWqTUl7fyekI8cz0MvRVgJGSmDrf0aQTZs4diCcA6FvgtXv6BshfBS1SaUD--zpicA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
apikeys.civiccomputing.com
cc.cdn.civiccomputing.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in-automate.sendinblue.com
lk.tousmalins.com
maxi-malins.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.fid4.tousmalins.com
sibautomation.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
sibautomation.com
142.250.186.34
185.107.232.127
2001:470:6e0a::1b:243
2600:9000:20eb:7a00:e:3706:bd00:93a1
2606:4700:4400::6812:2291
2606:4700:440e::6812:2fe6
2606:4700::6811:190e
2606:4700::6811:90c
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2004
2a06:98c1:3120::7
63.35.247.163
118fe612a0ad8a65ecdcc18763e92d7b9d6ee03cb40e4a6c0c684ff8f3ffe75c
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1d5daeccc5bd9c243a2d1008fefd018b059fba083644e686f89f87851d9d5703
1fce91440faa35dfe27f50bad5c58565f60b2838d3bae9d5027820ce3142f8a1
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4684ebf732ca546adfe10fc2f7ada90ef3113dd8ccedeaeec327a3275b32d692
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
5074086342f5b23b2dfdcddf05f6e40f4fe0a6ee1cbfe0efaaa971e0563e3ec4
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579a39f846237311777c90589bfdb1066199a133625a3478e45ac30bb589bd0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62843b3e8f3eb2ab0e6de2af9c188a825480df1bb183ceb41255195eaa8a8a34
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
80e78d9277b30431358126993cb647a1c6a51ac9948aa0481fb29e06a51fe91a
814656c609fa94f84c2c4deea3ab2d41c3794927867d34b2751b9f2802779122
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
83a4dc963bd4406c8bb45484d3ca07fce78d8f992c0b964f3af7354ef7bb254a
870b20a6ea759c00a27f8433bcff0413972ed9c17251a9d2bca11a2052671ce2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b192a61785b62e49a8c4c650682de1c6c187aa01b9b5206331189f77afb5388
8d313a1ead3467f225032ba25f279d016f27cf3fec38b0696f1c996124be27ec
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92615adced6b600f6b277ec4d65a0dda1a64e2ecb9d65cc10b1d1d24b5af3587
94d49d4992f768e9f774948202ad3991571e8329dcec5353ac34f5af29ec278e
9e0ac10cac16dc620f9ec0230af082274e8cafec36cb79ccff06f5ab3d3e35a7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a
af716dc586d0fd7f0cd1238d762db655458a6a997031c645521c6edaaaa59378
b385878fa26e44660f882d703949975dceac27a7c5aff1ef041b9bc41136dc90
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bde2421cd765d1ac820f31ffd4bffd91e3701d91ac4c429baeb66ed02435c7bb
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7206175ee6eff1d58528293ae6fa578cee589b0ce8054c962c3f86e844c97d6
c9b94ad20115cb31136655ea3f30e5420a148fff700eff5ddb09c911008b66d2
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daaa5a0e468f08ea6bb1bf0276bac93b7c677aa20b4bbb47f92b02a0a5993301
ddc96d9fb5d507a09417ba0f9626d792eeac0885f8a42d6fa144091f93493216
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f55c20ab6f813c37af408127ac5f12ff420fcf01a1c4d5081eea2844d8761dec
f5dbfe54bd0cb819c9635229dfb3bd089a0167038d32c41e2e8f59af6df346a8
f7e43262c11bb9585d10b51a643fbee854d8dd95592b16d4ca560dc8bc84edbb
f9965505920b2915bf1f23a2421aa5f83bfb72105eb88917ea1d549abee0192d
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
fe36a4cec90ca1d4c554141d7ad01acb5567f3d7ee09030b05930d987853c38a

maxi-malins.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

86 %IPv6

17 Domains

22 Subdomains

22 IPs

4 Countries

1531 kBTransfer

3163 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

maxi-malins.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

86 %
IPv6

17
Domains

22
Subdomains

22
IPs

4
Countries

1531 kB
Transfer

3163 kB
Size

5
Cookies

73 HTTP transactions
6 data transactions