www.fleuri.cc Open in urlscan Pro
2600:9000:21f3:a200:2:89de:a580:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fleuri.cc/
Submission: On September 18 via manual (September 18th 2021, 7:43:47 pm UTC) from US — Scanned from DE

Summary HTTP 218 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 63 IPs in 7 countries across 48 domains to perform 218 HTTP transactions. The main IP is 2600:9000:21f3:a200:2:89de:a580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.fleuri.cc.
TLS certificate: Issued by Amazon on April 24th 2021. Valid for: a year.

This is the only time www.fleuri.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
92	2600:9000:21f... 2600:9000:21f3:a200:2:89de:a580:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	52.219.137.37 52.219.137.37	16509 (AMAZON-02) (AMAZON-02)
4	183.79.249.124 183.79.249.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
2	103.142.124.65 103.142.124.65	131957 (MICROAD M...) (MICROAD MicroAd)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	23.45.103.78 23.45.103.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.62 2.18.232.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.182 2.18.232.182	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:6c0... 2a02:26f0:6c00:287::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.67.128.30 23.67.128.30	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	52.199.30.188 52.199.30.188	16509 (AMAZON-02) (AMAZON-02)
3 9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
3 11	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	35.174.227.42 35.174.227.42	14618 (AMAZON-AES) (AMAZON-AES)
1 3	3.115.55.52 3.115.55.52	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.78.43 13.225.78.43	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2600:9000:20e... 2600:9000:20eb:be00:1e:513c:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.111.229.110 104.111.229.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:b800:8:dcbf:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.108 13.224.193.108	16509 (AMAZON-02) (AMAZON-02)
1	52.29.166.16 52.29.166.16	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	34.241.235.219 34.241.235.219	16509 (AMAZON-02) (AMAZON-02)
3	202.232.238.39 202.232.238.39	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 3	183.79.171.252 183.79.171.252	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1	210.188.196.193 210.188.196.193	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
4 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
1	18.179.248.149 18.179.248.149	16509 (AMAZON-02) (AMAZON-02)
1 2	52.59.115.28 52.59.115.28	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	202.241.208.56 202.241.208.56	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	3.120.13.220 3.120.13.220	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	52.198.4.47 52.198.4.47	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	54.168.155.233 54.168.155.233	16509 (AMAZON-02) (AMAZON-02)
1 2	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	150.95.47.200 150.95.47.200	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	3.227.66.247 3.227.66.247	14618 (AMAZON-AES) (AMAZON-AES)
3	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	52.196.159.45 52.196.159.45	16509 (AMAZON-02) (AMAZON-02)
1 7	52.196.86.216 52.196.86.216	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	52.19.186.105 52.19.186.105	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	34.120.190.172 34.120.190.172	() ()
1	2600:1901:0:b... 2600:1901:0:b6a9::	() ()
218	63

92 2600:9000:21f3:a200:2:89de:a580:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.fleuri.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.137.37 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-northeast-1-w.amazonaws.com

cd-ladsp-com.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 183.79.249.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b92.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.142.124.65 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

d-track.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.103.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-103-78.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-62.deploy.static.akamaitechnologies.com

cdn.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-182.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:287::1d72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.128.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-128-30.deploy.static.akamaitechnologies.com

a10345300125.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.199.30.188 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-30-188.ap-northeast-1.compute.amazonaws.com

i.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.227.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-227-42.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.115.55.52 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-55-52.ap-northeast-1.compute.amazonaws.com

px.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-43.fra2.r.cloudfront.net

um.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:be00:1e:513c:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

taj1.ebis.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.229.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-110.deploy.static.akamaitechnologies.com

js.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:b800:8:dcbf:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.yjtag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-108.fra2.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.166.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-166-16.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.235.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.232.238.39 (Chiyoda-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

cnt.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 183.79.171.252 (Japan) 1 redirects

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
PTR: proxy151.ytm.vip.kks.ynwp.yahoo.co.jp

yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.188.196.193 (Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: ac.ebis.ne.jp

ac.ebis.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.248.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-248-149.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.115.28 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

ssl.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.13.220 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-220.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.198.4.47 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-4-47.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.168.155.233 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-155-233.ap-northeast-1.compute.amazonaws.com

ad.caprofitx.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.200 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-200.a00c.g.jpt1.static.cnode.io

sp.gmossp-sp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

discoveryplus.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.66.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-66-247.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.232.238.37 (Chiyoda-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.159.45 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-159-45.ap-northeast-1.compute.amazonaws.com

ssp-sync.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.196.86.216 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-86-216.ap-northeast-1.compute.amazonaws.com

sync.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cf.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.186.105 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-105.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.190.172 (None, )

ASN- ()

b.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:b6a9:: (None, )

ASN- ()

b6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	fleuri.cc www.fleuri.cc	905 KB
13	im-apps.net 1 redirects dmp.im-apps.net sync.im-apps.net cf.im-apps.net b.im-apps.net b6.im-apps.net	36 KB
13	doubleclick.net 7 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	10 KB
11	google.com 3 redirects www.google.com	4 KB
9	fout.jp js.fout.jp cnt.fout.jp sync.fout.jp	12 KB
9	google.de www.google.de	1 KB
7	yahoo.co.jp 1 redirects b92.yahoo.co.jp yjtag.yahoo.co.jp	8 KB
6	optimizely.com cdn.optimizely.com cdn3.optimizely.com a10345300125.cdn.optimizely.com logx.optimizely.com errors.client.optimizely.com	104 KB
6	googletagmanager.com www.googletagmanager.com	230 KB
5	adnxs.com 1 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	googleadservices.com www.googleadservices.com	35 KB
4	ladsp.com 1 redirects px.ladsp.com um.ladsp.com	5 KB
4	yotpo.com staticw2.yotpo.com p.yotpo.com	169 KB
4	google-analytics.com ssl.google-analytics.com www.google-analytics.com	37 KB
3	openx.net 1 redirects jp-u.openx.net	593 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	282 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	microad.jp d-track.send.microad.jp s-cs.send.microad.jp	6 KB
2	adsrvr.org 2 redirects match.adsrvr.org	912 B
2	criteo.com 2 redirects gum.criteo.com	731 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	outbrain.com 1 redirects sync.outbrain.com	824 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	710 B
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	bidswitch.net 1 redirects x.bidswitch.net	877 B
2	pubmatic.com simage2.pubmatic.com	911 B
2	twitter.com analytics.twitter.com	843 B
2	contentsquare.net t.contentsquare.net c.contentsquare.net	63 KB
2	ebis.ne.jp taj1.ebis.ne.jp ac.ebis.ne.jp	8 KB
2	smartnews-ads.com cdn.smartnews-ads.com i.smartnews-ads.com	2 KB
1	i-mobile.co.jp 1 redirects ssp-sync.i-mobile.co.jp	484 B
1	popin.cc discoveryplus.popin.cc	469 B
1	gmossp-sp.jp sp.gmossp-sp.jp
1	adtdp.com ad.caprofitx.adtdp.com	601 B
1	taboola.com sync.taboola.com	222 B
1	adingo.jp cs.adingo.jp	44 B
1	socdm.com ssl.socdm.com	694 B
1	ad-stir.com sync.ad-stir.com	101 B
1	yjtag.jp s.yjtag.jp	13 KB
1	t.co t.co	455 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	line.me tr.line.me	425 B
1	line-scdn.net d.line-scdn.net	10 KB
1	amazonaws.com cd-ladsp-com.s3.amazonaws.com	2 KB
0	nex8.net Failed st.nex8.net Failed
0	bytedance.com Failed static.bytedance.com Failed
218	48

	Domain	Requested by
92	www.fleuri.cc	www.fleuri.cc
11	www.google.com	3 redirects www.fleuri.cc
9	www.google.de	www.fleuri.cc
9	googleads.g.doubleclick.net	3 redirects www.googleadservices.com
7	sync.im-apps.net	1 redirects js.fout.jp cf.im-apps.net
6	www.googletagmanager.com	www.fleuri.cc www.googletagmanager.com dmp.im-apps.net
5	www.googleadservices.com	www.fleuri.cc www.googletagmanager.com www.googleadservices.com
4	cm.g.doubleclick.net	4 redirects
4	b92.yahoo.co.jp	www.fleuri.cc b92.yahoo.co.jp
3	sync.fout.jp	js.fout.jp
3	secure.adnxs.com	s.yjtag.jp js.fout.jp
3	jp-u.openx.net	1 redirects um.ladsp.com js.fout.jp
3	yjtag.yahoo.co.jp	1 redirects s.yjtag.jp cf.im-apps.net
3	cnt.fout.jp	www.fleuri.cc dmp.im-apps.net
3	js.fout.jp	www.fleuri.cc js.fout.jp s.yjtag.jp
3	px.ladsp.com	1 redirects www.fleuri.cc um.ladsp.com
3	fonts.googleapis.com	www.fleuri.cc staticw2.yotpo.com
3	staticw2.yotpo.com	www.fleuri.cc staticw2.yotpo.com
2	match.adsrvr.org	2 redirects
2	gum.criteo.com	2 redirects
2	dpm.demdex.net	1 redirects cf.im-apps.net
2	cf.im-apps.net	www.fleuri.cc
2	dmp.im-apps.net	www.fleuri.cc cf.im-apps.net
2	errors.client.optimizely.com	cdn.optimizely.com
2	sync.search.spotxchange.com	1 redirects um.ladsp.com
2	sync.outbrain.com	1 redirects um.ladsp.com
2	ups.analytics.yahoo.com	1 redirects um.ladsp.com
2	pixel.advertising.com	2 redirects
2	pixel.rubiconproject.com	um.ladsp.com js.fout.jp
2	x.bidswitch.net	1 redirects um.ladsp.com
2	ib.adnxs.com	1 redirects um.ladsp.com
2	simage2.pubmatic.com	um.ladsp.com js.fout.jp
2	analytics.twitter.com	static.ads-twitter.com cf.im-apps.net
2	www.gstatic.com	www.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ssl.google-analytics.com	www.fleuri.cc
2	d-track.send.microad.jp	www.fleuri.cc
1	b6.im-apps.net
1	b.im-apps.net
1	ssp-sync.i-mobile.co.jp	1 redirects
1	discoveryplus.popin.cc	um.ladsp.com
1	sp.gmossp-sp.jp	um.ladsp.com
1	ad.caprofitx.adtdp.com	um.ladsp.com
1	sync.taboola.com	um.ladsp.com
1	cs.adingo.jp	um.ladsp.com
1	ssl.socdm.com	um.ladsp.com
1	sync.ad-stir.com	um.ladsp.com
1	s-cs.send.microad.jp	um.ladsp.com
1	ac.ebis.ne.jp	taj1.ebis.ne.jp
1	c.contentsquare.net	www.fleuri.cc
1	p.yotpo.com	www.fleuri.cc
1	t.contentsquare.net	www.fleuri.cc
1	s.yjtag.jp	www.fleuri.cc
1	taj1.ebis.ne.jp	www.fleuri.cc
1	t.co	www.fleuri.cc
1	static.ads-twitter.com	www.fleuri.cc
1	um.ladsp.com	px.ladsp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	logx.optimizely.com	cdn.optimizely.com
1	tr.line.me	www.fleuri.cc
1	i.smartnews-ads.com	www.fleuri.cc
1	a10345300125.cdn.optimizely.com	cdn.optimizely.com
1	d.line-scdn.net	www.fleuri.cc
1	cdn.smartnews-ads.com	www.fleuri.cc
1	cdn3.optimizely.com	cdn.optimizely.com
1	cd-ladsp-com.s3.amazonaws.com	www.fleuri.cc
1	cdn.optimizely.com	www.fleuri.cc
0	st.nex8.net Failed	s.yjtag.jp
0	static.bytedance.com Failed	www.fleuri.cc
218	69

This site contains links to these domains. Also see Links.

Domain
ac.ebis.ne.jp
www.youtube.com
www.instagram.com
www.facebook.com
www.kuronekoyamato.co.jp

Subject Issuer	Validity	Valid
*.fleuri.cc Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2021-08-26` - `2022-09-25`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2020-10-06` - `2021-11-07`	a year	crt.sh
*.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.smartnews-ads.com DigiCert SHA2 Secure Server CA	`2021-07-08` - `2022-07-12`	a year	crt.sh
line-apps.com DigiCert SHA2 Secure Server CA	`2021-01-14` - `2022-01-18`	a year	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2020-06-17` - `2022-09-05`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2021-05-07` - `2022-06-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.ebis.ne.jp Amazon	`2021-03-15` - `2022-04-13`	a year	crt.sh
*.fout.jp GeoTrust RSA CA 2018	`2021-03-11` - `2022-03-16`	a year	crt.sh
*.tgm.yahoo-net.jp Cybertrust Japan SureServer CA G4	`2021-03-15` - `2022-04-14`	a year	crt.sh
t.contentsquare.net Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
c.contentsquare.net Amazon	`2021-09-14` - `2022-10-13`	a year	crt.sh
yjtag.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2020-10-04` - `2021-11-04`	a year	crt.sh
ac.ebis.ne.jp GlobalSign GCC R3 DV TLS CA 2020	`2021-01-15` - `2022-02-16`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.ad-stir.com Amazon	`2021-05-11` - `2022-06-09`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ssl.socdm.com Go Daddy Secure Certificate Authority - G2	`2021-01-26` - `2022-02-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.caprofitx.adtdp.com Amazon	`2020-12-28` - `2022-01-26`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.gmossp-sp.jp GlobalSign GCC R3 DV TLS CA 2020	`2020-11-09` - `2021-12-11`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2020-11-12` - `2021-11-15`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
errors.client.optimizely.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
*.im-apps.net DigiCert SHA2 Secure Server CA	`2021-06-25` - `2022-06-30`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
b.im-apps.net GTS CA 1D4	`2021-08-23` - `2021-11-21`	3 months	crt.sh
b6.im-apps.net GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.fleuri.cc/
Frame ID: BB95F2450878E1DE639183137C92C7C6
Requests: 130 HTTP requests in this frame

Frame: https://www.fleuri.cc/blog/voicecount
Frame ID: 1100285E24408A3C4D74ADE4ECFF54FA
Requests: 20 HTTP requests in this frame

Frame: https://www.fleuri.cc/blog/newsfortop
Frame ID: 82919154372B5A336725AE53A7568AD2
Requests: 15 HTTP requests in this frame

Frame: https://www.fleuri.cc/blog/skincarecount
Frame ID: C3301DB43EF1E2FA7898BD84CD7773F6
Requests: 16 HTTP requests in this frame

Frame: https://a10345300125.cdn.optimizely.com/client_storage/a10345300125.html
Frame ID: C2885EEABA0165D1790C86FC68F9369F
Requests: 1 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Frame ID: 2C962246CE4805FDEE9AE9AEAC964F4D
Requests: 18 HTTP requests in this frame

Frame: https://js.fout.jp/beacon.html?from=dmp
Frame ID: 1C0876C226EA328FE6E346BFDB055802
Requests: 9 HTTP requests in this frame

Frame: https://cf.im-apps.net/imid/beacon.html
Frame ID: F8475DDB32414CDDBB06ABC223E7EB2D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

毛穴対策 | クレンジングジェル | フルリ公式サイト

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

218
Requests

99 %
HTTPS

27 %
IPv6

48
Domains

69
Subdomains

63
IPs

7
Countries

1954 kB
Transfer

7424 kB
Size

72
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://ac.ebis.ne.jp/tr_set.php?argument=GE5GSneF&ai=official_PC

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0Ep0Q51D33r1x85WrGpwHw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fleuri.cc/?hl=ja

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fleuri.cc/

Search URL Search Domain Scan URL

URL: http://www.kuronekoyamato.co.jp/ytc/customer/members/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://px.ladsp.com/pixel?advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer= HTTP 302
https://px.ladsp.com/pixel?cr=true&advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=

Request Chain 123

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005479554/?random=188638701&cv=9&fst=1631994219680&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=a0FGYcXNKobBgAfQ9qOAAg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1005479554/?random=188638701&cv=9&fst=1631991600000&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1061718979&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1005479554/?random=188638701&cv=9&fst=1631991600000&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1061718979&resp=GooglemKTybQhCsO&ipr=y

Request Chain 124

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005479554/?random=427187559&cv=9&fst=1631994219680&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=a0FGYZWqLY6jgQfHjKbIDQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1005479554/?random=427187559&cv=9&fst=1631991600000&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1181967356&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1005479554/?random=427187559&cv=9&fst=1631991600000&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1181967356&resp=GooglemKTybQhCsO&ipr=y

Request Chain 125

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005479554/?random=1269476908&cv=9&fst=1631994219680&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=a0FGYerILan5-gbO6ZnIBg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1005479554/?random=1269476908&cv=9&fst=1631991600000&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=2042587256&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1005479554/?random=1269476908&cv=9&fst=1631991600000&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=2042587256&resp=GooglemKTybQhCsO&ipr=y

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AbYhy7extzbCks8ADWspWC5BQ8A&logicad_uid=AbYhy7extzbCks8ADWspWC5BQ8A&svid=02 HTTP 302
https://px.ladsp.com/match/google?logicad_uid=AbYhy7extzbCks8ADWspWC5BQ8A&svid=02&google_gid=CAESEIuVbUm9wSGP2HPgew3HjXo&google_cver=1

Request Chain 169

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA HTTP 302
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA

Request Chain 171

https://ib.adnxs.com/setuid?entity=276&code=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAd7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA

Request Chain 174

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA

Request Chain 177

https://pixel.advertising.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw HTTP 302
https://pixel.advertising.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&apid=UPba02d6d0-18b8-11ec-b781-02182bf14dcc HTTP 302
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&apid=UPba02d6d0-18b8-11ec-b781-02182bf14dcc&verify=true

Request Chain 181

https://sync.outbrain.com/cookie-sync?p=logicad&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TOg HTTP 302
https://sync.outbrain.com/cookie-sync?p=logicad&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TOg&rdrctExp=true

Request Chain 184

https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPw HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPw&__user_check__=1&sync_id=badae91d-18b8-11ec-8cbe-1fe3cd8f0206

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_cm&google_sc&from_google=2 HTTP 302
https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=2&google_gid=CAESEIxd6OU-e4tPpFwaRA5kMqo&google_cver=1

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=freakout&from_google=3&google_hm=MWl2ZTdnZnNERks3aVBjOEgtem9RM0JTN0gw HTTP 302
https://sync.fout.jp/report?xid=googleadex&from_google=3

Request Chain 198

https://ssp-sync.i-mobile.co.jp/sync.ashx?dspid=5 HTTP 302
https://sync.fout.jp/sync?xid=imobile&uid=bbff8bd6-c05f-4ecf-a83a-437f82a69e7a&sync_status=1

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm HTTP 302
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEXBMGFU9SkD1ns1VUOWfpM&google_cver=1

Request Chain 209

https://yjtag.yahoo.co.jp/csx?tp=wAiXPd0 HTTP 302
https://sync.im-apps.net/imid/redirect?gdpr=1&cid=8144&tid=yid&uidpfx=%26uid%3D&url=https%3A%2F%2Fyjtag.yahoo.co.jp%2Fcs%3Fbtt%3DnvOSftuxV7SlVF-uJjaFQ40Cz94XS5n-l8_GkT9Cq9U%26tp%3DwAiXPd0 HTTP 302
https://yjtag.yahoo.co.jp/cs?btt=nvOSftuxV7SlVF-uJjaFQ40Cz94XS5n-l8_GkT9Cq9U&tp=wAiXPd0&uid=PK1YeUwURUKK8bcPUKjnhQ&gdpr=1

Request Chain 211

https://dpm.demdex.net/ibs:dpid=14701&dpuuid=PK1YeUwURUKK8bcPUKjnhQ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=PK1YeUwURUKK8bcPUKjnhQ

Request Chain 212

https://gum.criteo.com/sync?c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40 HTTP 302
https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=9QArFs3dQ-BBhOfWqmMD07s2-WaiEbtM

Request Chain 213

https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=intmerger&ttd_tpi=1 HTTP 302
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=2275a75f-828b-4bd7-9129-470b11b3e773

218 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.fleuri.cc/ 31 KB
32 KB 953ms
640ms Document
text/html 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 589f121345852ebb496268a0bebe1bafbe4a9582e4bec4ff19b80e7466c01113

Request headers

:method: GET
:authority: www.fleuri.cc
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 18 Sep 2021 19:43:35 GMT
server: nginx
cache-control: no-store, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; expires=Sat, 18-Sep-2021 21:43:35 GMT; Max-Age=7200; path=/ fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; path=/; httponly
x-cache: Miss from cloudfront
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 5utEZwPWaB05UcIMynMUu1K4DVHc_b86RjQjiCjZk37mtPpmmrOO8w==

GET
H2 200 app.css
www.fleuri.cc/css/ 6 KB
3 KB 983ms
982ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/css/app.css?id=d65f0235af05da3fef50
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1526a936520f3ceff18a62b29d658d417cd760ca1b6e1dbf6cb4113dea60f97d

Request headers

:path: /css/app.css?id=d65f0235af05da3fef50
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"d65f0235af05da3fef50e93d50614b7f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: p0zR755glHUQN1wVGcgoshxOKD1Ejv8cS_2uR6T5Te-xFSrcPdraqw==

GET
H2 200 front.css
www.fleuri.cc/css/ 30 KB
7 KB 986ms
985ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/css/front.css?id=93411351506168a210c7
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a8f7e9be6007ec9f3456c8d5769a75837b03ef40e788c548c4210b3e5973f0

Request headers

:path: /css/front.css?id=93411351506168a210c7
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"93411351506168a210c743bcfcf01e7b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: JaR9RTCYi9LCKLq3W2vlMvY3otgQ0bIPOaBDQjPSDhmF89EP8ZpXNw==

GET
H2 200 reset.css
www.fleuri.cc/pc/css/common/ 1 KB
1 KB 1299ms
1297ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/css/common/reset.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a2da72ab63df6ce988758a1d916d1b3f9d7c67ef2122d9712daa75ff66f7a05

Request headers

:path: /pc/css/common/reset.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: GDDGT8F7ZS22MX49
etag: W/"86ae3f39279c6b4a110cb67de3aa3c99"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: pe0SfnuCLGDlpcQki3rC4Yxz6cJciZ_OS_6d1QLaxZ5L5QF-vI1saA==
x-amz-id-2: nOU57GMjgSoY5EEF2iykrfjhNDiinrUImTZ5UR59FK02L0akZSnUi77MTK7mt7oV2HkJrnHr/Z8=

GET
H2 200 base.css
www.fleuri.cc/pc/css/common/ 11 KB
3 KB 1287ms
1286ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/css/common/base.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f14b69f8c1ccbceac1d1a314860cafad066caff4deb090ee6d208d776151c6da

Request headers

:path: /pc/css/common/base.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: GDDQF8NKMWJ6NEJA
etag: W/"eabbd478c9fe8b84aeea68aaff04b99a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -oTr6JV0TsnSR3mE15iUqmayHwm59DHjvDJAioz7NryyjEsqD5DruQ==
x-amz-id-2: wG9mqB4OOhbeVkPIZI8MGWGMe/CY2hNT41aETpDrcLG2HNAJi6CqoR0o5jRo1lIvLo+qegqbB/8=

GET
H2 200 yotpo.css
www.fleuri.cc/pc/css/yotpo/ 3 MB
195 KB 1365ms
1365ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/css/yotpo/yotpo.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b653c3416d9b1c60d831a90730a3055edca75454ba9af70dc724db9478e9f07

Request headers

:path: /pc/css/yotpo/yotpo.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: GDDWXBE2XB90BHRF
etag: W/"38167fe584e60d2c59b251d5a7ebc600"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: svcKAmMbr00vKMEtfySo7M7oghd4RSCK74976MF9K6Qo5l5r4_6hHA==
x-amz-id-2: SeE8GMtAgyyTUyAZkViDpG9JCvXgp9KRVEGxCl5E+wyQwOJsEWquu7aXdmrvrjmsu2LWNhSvNrM=

GET
H2 200 yotpo-jp-fixes.css
www.fleuri.cc/pc/css/yotpo/ 373 B
788 B 1261ms
1260ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/css/yotpo/yotpo-jp-fixes.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd859b5e32b0476c02fe96eb0cad620406b8d4e06718a79e8d0d2405f2cd5072

Request headers

:path: /pc/css/yotpo/yotpo-jp-fixes.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:37 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: GDDZFZ46J4ETJ8SY
etag: "e86b4fdb22811f1391fd4f48acc0c6f8"
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 373
x-amz-id-2: 1Ze9P9B+P6iSsQ/3Ksf9s5U7vGho6IFcGLRDD6OeJ4y4HfLpByIO8CfQuG2RKVne0EYq2Hk61OA=
x-amz-cf-id: cfVVau-aKhBseIgYj1naK0SzVdVYtg3zFCbVrFYkGS0gCtyT18pR4g==

GET
H2 200 index.css
www.fleuri.cc/pc/css/ 5 KB
2 KB 1266ms
1266ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/css/index.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959181fcd65ce8f60bcc5e585d603e4e11a14461eee3014b9f35e1470ad51f31

Request headers

:path: /pc/css/index.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: GDDXT754KK0BGR78
etag: W/"0a3b9572b2551009a24116e2636746cd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tYDaof_nueOAozMlDGF6UZ_7-tErY4pTCx7FTSXjzKQ6rz_eRg549A==
x-amz-id-2: pZFAcF0qyiHJoqQfUMxpKb6e+fd98wXgi1aWGRMefWDNYMSB35tR1TvsPTfhRDjlqWOGbmgVehQ=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 100ms
51ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131374070-1

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4998ba050fdca397536ad89732532b43331c57355add37855b291f3b5dbd49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40339
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Sep 2021 19:43:38 GMT

GET
H2 200 10345300125.js Show response
cdn.optimizely.com/js/ 387 KB
102 KB 85ms
21ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/10345300125.js

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b3bdae10bbfe2363fe9f36edc55fa97ac58c7ef3bfd2e3397d0f7ae5a4c46661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: EZwlzmOL0x9fPrjLkY7FK69fmZtXvooS
content-encoding: gzip
etag: "88829612f19f8a993cd21dd14ff16f0c"
x-amz-request-id: KJFFYSAQQ069FZXK
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 3275
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 103083
x-amz-id-2: P4w0UAWlHj+CO7YK6q0kEMIX0r0eOxFwtIJcSOCYuV2RMoC4Vr8noJuhGzlImDk0aKyL1KfmWoI=
last-modified: Thu, 16 Sep 2021 10:11:18 GMT
server: AmazonS3
date: Sat, 18 Sep 2021 19:43:35 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 93ms
45ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-835661375

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a821616ee0dcbbd15f3571bdb03fb96c98531dd88e2e3f58197893eaaaad950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39184
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Sep 2021 19:43:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 78ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-672187758

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d8a68b082331324260448663bb723b47d58102442b5d64467b3e7700b186966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39182
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Sep 2021 19:43:38 GMT

GET
H2 200 header_logo.png
www.fleuri.cc/pc/img/common/header/ 2 KB
2 KB 2900ms
2890ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/header_logo.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 421d4e8037ae64bda3065ec93ee7a390e2abd0c9247bd417bc20587c101f3fdd

Request headers

:path: /pc/img/common/header/header_logo.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTKQAVR27R6MT2J
etag: "2c68ff05daebfa640712c3786ec0b918"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1805
x-amz-id-2: cBPSjQ07UUpgCzfNZXnixAk1fnlCWHRdnyl6yPK3wkJ079gcyhNTtJczIllkpiU6yIofQqDjYzw=
x-amz-cf-id: aX7tkhoGkTvU-MUiaFRtzB9-80rl3WELBlDHd1yP8_wls34W1NfuZA==

GET
H2 200 img_cart.jpg
www.fleuri.cc/pc/img/common/header/ 812 B
1 KB 2851ms
2842ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/img_cart.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b09b3afcc755174e53ea8080512f25fd2208aea506aede0c672bc2113bc4bec

Request headers

:path: /pc/img/common/header/img_cart.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTNDT00RQWM6317
etag: "451449914aef0d7663e5af7a45e1ee40"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 812
x-amz-id-2: y70A7U5lAzDdrVbViCOuVcIH9i4f30jeF7KzX4rKdtbr5awKvmkURJffL1mt5QXv3tSlh26Jrf0=
x-amz-cf-id: 116BZUyjk4dDv8KTK_1EYn9bozHdyvtN1QK4mlsy8Gl1C2R9VXCF4A==

GET
H2 200 img_touroku.jpg
www.fleuri.cc/pc/img/common/header/ 980 B
1 KB 2901ms
2892ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/img_touroku.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a77769a1d8518c2b6fda75404841edcb831b17309f2a140f03bf2eddc7382bad

Request headers

:path: /pc/img/common/header/img_touroku.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTK91HSKC6TWJF6
etag: "a73ac9498c6f93f2c8e8ebac2549e1ee"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 980
x-amz-id-2: 21pH0JylObLo/fCj9Zv5lxcTb4KjEc+xOwLyLpn/9m9FW533fvcbYNN1mWPkWER+aXYu+Z0C92Q=
x-amz-cf-id: BxHgmkULuU2u4bPagH67u81JSQnIzoljpIaiEZ5AGFVGP0rNZYEPrQ==

GET
H2 200 header_tel.jpg
www.fleuri.cc/pc/img/common/header/ 11 KB
12 KB 2822ms
2813ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/header_tel.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac6a68cfda32a555148940cb5bb04ab841d2516deb6633d6779704166a37d088

Request headers

:path: /pc/img/common/header/header_tel.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTG8SZA4605EEKZ
etag: "c555cf844a0eda5d1958996b19dcdcad"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 11368
x-amz-id-2: rh8CZOhccwv8sKzJFmcwFTSMlL3KbhQYAkkkIyzWCOpX3AFmmhYP76mtFei+t1e4LxYr8r5a88w=
x-amz-cf-id: 0KScXko7vjU_pkHecx38aDjYMoWsJAc030Oh6FSNLUDvJ_HC7qXdKA==

GET
H2 200 nav01.jpg
www.fleuri.cc/pc/img/common/header/ 1 KB
2 KB 3034ms
3025ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav01.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 083f2ac31422313de20a501bb78a4c662125f68f70b6d5ed6c430be54c2d9568

Request headers

:path: /pc/img/common/header/nav01.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTXX3360V2QN92G
etag: "810cb0217fb3fdb31bdd5f4b7a1d1aaf"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1311
x-amz-id-2: ozX5Gg86CJKQr5I9YJv1w5W3/ODSryTzQkBuij1sGNDXxtPau3xr5tz2gDzsg0Jg1REVgBFHEgw=
x-amz-cf-id: z5HWbOn9bpWn9zkPrW0dPGUsSn8234xbGfPqsQCJUckIxi1S_Da4gA==

GET
H2 200 nav02.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
3 KB 2800ms
2792ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav02.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab242d8e458c378a8849fbb08095d69a89a7f91e2d1f1e914382b311be13bed3

Request headers

:path: /pc/img/common/header/nav02.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTQJXC3ZYB3J9ME
etag: "659c675e76da825ceae3d9450f1af505"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2858
x-amz-id-2: V1fa/Qe0/Poy9OYjMHzS93Hl9ARQCccNCHTSmTVixhscg/4Pl+k81K7OSIkLoIJSD87oP6X0Nes=
x-amz-cf-id: jegUA6xVxSxmduzlccy28d2C7Oi2Yh8ZPiT06DlA1qlNNMgX9JgOyA==

GET
H2 200 nav03.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
4 KB 2819ms
2811ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav03.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 059b41ae0cb22cc8afa7f481650818f86b7f1f3c57abd47aeea22a33e7f12628

Request headers

:path: /pc/img/common/header/nav03.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTVP81DHPZDH8WW
etag: "c31e91fbda9c76af438fc031b7db2448"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3409
x-amz-id-2: C7hxUH6vUUtjpF0zS7egb3c9HcsIsO8GtfkHfau+QY6B5CGltyes50e9x4m5vMqd2vUuhpf4Yno=
x-amz-cf-id: JamlHA-7_6z3wnzDABI2list6Js5MlrL8xPmGe7liiBvR0Xg7YPVhA==

GET
H2 200 nav04.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
3 KB 2810ms
2802ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav04.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9756387affbd5e65e6395393c3b50f8c76b4282170c69a5b7c959e565468e431

Request headers

:path: /pc/img/common/header/nav04.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTM5XXY3DYPP76H
etag: "c0ad4cb6fd29474c4eccedf65aeb320e"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2742
x-amz-id-2: RFuUwyy+sHaLL80M5B4bnsGtgePINoyWCN3GddFQtUOD1q1n8mwm0QicotiDyoguvvs4AKTckH4=
x-amz-cf-id: EWIoYyxrtxsxjpUbxPZpm4ECcFJz7H4ARWFmEzhWw5KrpT2C4Zcq1g==

GET
H2 200 nav05.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
3 KB 2883ms
2876ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav05.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bcce6c137f2a74e463e9436212877a39a59b4db576fa6eb2ca416307778e8cd

Request headers

:path: /pc/img/common/header/nav05.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTHQEZ5KK21J549
etag: "647191eadba1296db8c7850614160550"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2974
x-amz-id-2: VlWYZOOK9ZehHaw1g0bqHd/YcYzPPOY1WlPpYlFjxKud6HtT47IuLe14LucZc1q8NXQdXW3bi+w=
x-amz-cf-id: QwDi0iTQMIpG_C_BCNJ2YDVwSgqydiuRzsZx838oFSs1W7t2iLPY1Q==

GET
H2 200 nav06.jpg
www.fleuri.cc/pc/img/common/header/ 4 KB
4 KB 2872ms
2864ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav06.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8fbb3abaab2ca15be99a6a0b8cd0b1f87b091e367d61c112f29c0cc1f9f8938

Request headers

:path: /pc/img/common/header/nav06.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTTG5SMK2N7G5MM
etag: "d347c07ac443abfdf11d88d2e0ca5a8c"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3587
x-amz-id-2: pxUd4j0GwizHQa05CcO7XiB752aIvMtTAWiO0S/UG/RFWSUh1Q94yL2cy636hSm79UaTSz5RbUk=
x-amz-cf-id: ix-keuC1wdNJJxfZbFpwMdMZC5rySaaR6kOwwjSX7Bor0272dOoRgw==

GET
H2 200 main_img01_r.jpg
www.fleuri.cc/pc/img/index/ 67 KB
68 KB 2836ms
2829ms Image
image/webp 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/index/main_img01_r.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bf9bc4ae4f3fc95f93860871f71a9ce0b788434b7da2085a7db0218165ffefa

Request headers

:path: /pc/img/index/main_img01_r.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:36 GMT
server: AmazonS3
x-amz-request-id: 4YTQGNHJXSF5WRV7
etag: "74d2a3277b6971282e7cadd7d06a2228"
x-cache: Miss from cloudfront
content-type: image/webp
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 68970
x-amz-id-2: rne0xOYblaYLv72DvN5Ig00lYOcWbBiyB3CxvWL9DVf3FYl4jjnfaP4mvKGaHLCo/s3IlGmD590=
x-amz-cf-id: o8HafrRQit7srren2HDPIK0bjchfoSnSaSKl5-aRWz3s-CtLr3zlqg==

GET
H2 200 top_center_ban01.png
www.fleuri.cc/pc/img/index/ 2 KB
2 KB 2858ms
2851ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/index/top_center_ban01.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4138e8096270651b5ee7195edcb8271fae75a79f3cb755396c8447d86f14fe4f

Request headers

:path: /pc/img/index/top_center_ban01.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:36 GMT
server: AmazonS3
x-amz-request-id: 4YTSPYR3285P6JBH
etag: "90cd7c80172c89c2674ef85cb6e7bf4e"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1564
x-amz-id-2: PdOf+pUY+C+iKxvXpTiHdQFKpVKWHGbMdi2psOaxdRmPETpdZCR/GjkzTqaY9oaHj0dM4/7fuik=
x-amz-cf-id: cuwfmujxm8-FBryaOXiNe7rv3TX5qOZPuGlEvGkd6jAYvh0yhUTXmw==

GET
H2 200 top_center_ban02.png
www.fleuri.cc/pc/img/index/ 8 KB
8 KB 2838ms
2831ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/index/top_center_ban02.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a6cf25fd9187f6328e95be2c56048228013649c548d432be4aa044c49fde8e8

Request headers

:path: /pc/img/index/top_center_ban02.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:36 GMT
server: AmazonS3
x-amz-request-id: 4YTTAZ8VJGG3P60K
etag: "f388c788af34a4f4478a15bfa422d0ea"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 8233
x-amz-id-2: 66L+VK3YruyGuB0e4z5VKU+6lul6OiPIgmbChFPlIOEREW9bW+1LXm+0lSyNgFHPg5YoRuj1PF0=
x-amz-cf-id: djHS2JjI8L0-kfk9nD2q3jC9zYzgGZEu7qR68JLW4QIk7O06lVb4QQ==

GET
H2 200 top_center_ban03.png
www.fleuri.cc/pc/img/index/ 7 KB
7 KB 2861ms
2855ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/index/top_center_ban03.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62e0fe7bab0be5653632b6760efd914cf75d47f5f6a39e4a329ac50de653691c

Request headers

:path: /pc/img/index/top_center_ban03.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:36 GMT
server: AmazonS3
x-amz-request-id: 4YTGS04FKTMRB7M5
etag: "f71a99d11b211e8c31edfcc54196d8d2"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 7084
x-amz-id-2: kTtsS2NEU6ru6Q1azpAX4LM2BTlx83avWxRnO0TiHUdhufH9N65JcGstOoJzxJo9vh1wIATPU3U=
x-amz-cf-id: PPjeg6hS8HWKp_-sYkOBJNlMhWCTU-BnA19YrvFocPVTpRVaMyprRg==

GET
H2 200 top_center_ban04.png
www.fleuri.cc/pc/img/index/ 7 KB
7 KB 2981ms
2975ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/index/top_center_ban04.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d218d01a3ed8b57e58388093e85fdee9766cdd0117f6c6a7bb5cacb3cc451aae

Request headers

:path: /pc/img/index/top_center_ban04.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:36 GMT
server: AmazonS3
x-amz-request-id: 4YTST8ZDMCM88H8J
etag: "99c2dffe3a822beb04cf2a6e5a5ab968"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 6773
x-amz-id-2: X9Ht8NLfyzX+vxqHWeHBpGT1YNbUkW+9HcyTXc74703+JCiWy8tLnm6Vg3lG79hg3+o/djgaTkE=
x-amz-cf-id: X9iHea8UqPqAnUdJUNEVbNQ6Y29ByOoMLMkZ9jJaQuXDl94sZ-j77w==

GET
H2 200 information.jpg
www.fleuri.cc/pc/img/index/ 3 KB
3 KB 3041ms
3035ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/index/information.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27fd7b6b35a5e5e6999a675a3b8ef76b4e29425b8c4dd56bf2ed7a665eef0992

Request headers

:path: /pc/img/index/information.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:36 GMT
server: AmazonS3
x-amz-request-id: 4YTREDRXMAVFT2Q2
etag: "65d36778dc0b5af7c72f19c189b2cde4"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2757
x-amz-id-2: 18iXYN83F1qoxdik12lxEvOrfMea1bx2kFpfRdOnVl1RNflb0moHXDJ1/0npw1NNKpJlqzz9HbA=
x-amz-cf-id: NOst6bIPCcqQMAJ30uwNQ_SnSvwLeN-Bh8glQduUhySDfKtu8gJy_A==

GET
H2 200 go_list.jpg
www.fleuri.cc/pc/img/index/ 2 KB
2 KB 2889ms
2883ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/index/go_list.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 091a47956a469a570628373780fae2071876c0c7e155dda52c899f4f6391ecc6

Request headers

:path: /pc/img/index/go_list.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:36 GMT
server: AmazonS3
x-amz-request-id: 4YTSFQ793W04T4W5
etag: "b6e790237765f8312789e3eb108857a7"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1676
x-amz-id-2: cMylphKQZ33ScwkgFr9+jbVDLWlC8QyzrcZHoESPrNWhtJcP3VPGdwJ6sb+mau+PpaXWKCpTaoo=
x-amz-cf-id: Cgize_yVlZ5Mw3d04cs_8cJCKHiFKFOAuzYMLvp-kwMjk-hCRXSMUQ==

GET
H2 200 side_ban01.jpg
www.fleuri.cc/pc/img/common/right_menu/ 21 KB
21 KB 3097ms
3091ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/right_menu/side_ban01.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6885a7257e9d8ccfcbe3f86b35f1899f9b5da35df3772bd914cfdec36f6739d

Request headers

:path: /pc/img/common/right_menu/side_ban01.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:35 GMT
server: AmazonS3
x-amz-request-id: 4YTMX6B89JR1QY9X
etag: "89313270d01acf7dee095b520904cb7d"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 21058
x-amz-id-2: g09PyxbwpKvg5pb/X87bKSW55zl70WIH+Svmb4n9NNxrNdd4I1fnZ9K5ijD7IKE4XwGQ9D0MyGo=
x-amz-cf-id: 79k7ybABXL_FS0lz9yJQ4NRKDbLoSK9HLK0FSREVLMr7KkWrUevljQ==

GET
H2 200 side_feel_ban.png
www.fleuri.cc/pc/img/common/ 26 KB
27 KB 3074ms
3068ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/side_feel_ban.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcccd66cd93632f74581835168754e3e93d1b740fdc01ae037df1854bac22e2e

Request headers

:path: /pc/img/common/side_feel_ban.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:35 GMT
server: AmazonS3
x-amz-request-id: B0KHVGETW3S3QHPR
etag: "32ea912757dcb177170f75f0d2295636"
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 26876
x-amz-id-2: PALEHYGRdtC1LUKgZazUGFeELc6k2D20uMFmrqbbA7NUweDf09qFrjdBBEPrS3WB6MlQRcsqwU8=
x-amz-cf-id: I2-VvOmMZxXTZR5Jc79ERHF3pfRl1wpRTyBBxjIxCkUMozy03AZdfQ==

GET
H2 200 arrow.jpg
www.fleuri.cc/pc/img/common/right_menu/ 499 B
917 B 2859ms
2854ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/right_menu/arrow.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96280da1b41b47280f7cbad02d50009e9b2c893acbfc1d01bcad5916854696bf

Request headers

:path: /pc/img/common/right_menu/arrow.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:35 GMT
server: AmazonS3
x-amz-request-id: 4YTHCRDJYSS3RZZD
etag: "73fff0b21b22e0b3d60d9f3cdd696f9c"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 499
x-amz-id-2: rE9rUMbBNl8/CtVKR0rRHfnvSxkI9ceKcRRNLIO33/9CJRAk2evc/1T51my7da+M+R30H8/mD5o=
x-amz-cf-id: k0jsyuYVb-Gu1-denlOTioCz_WFtXPDxdxsef3vDt_ZQWkBedKpapA==

GET
H2 200 side_youtube_ban.jpg
www.fleuri.cc/pc/img/common/right_menu/ 11 KB
11 KB 2866ms
2860ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/right_menu/side_youtube_ban.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8084d1c8e1fcad09e9dcd1ead10f5e0b4ed421e4bdbb16b5e98ca18880a4336

Request headers

:path: /pc/img/common/right_menu/side_youtube_ban.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:35 GMT
server: AmazonS3
x-amz-request-id: 4YTKKWE0MA2W3E8K
etag: "f61757b53a2c2a3b0f09cc8c8bda8274"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 10892
x-amz-id-2: c0S7xJWY9Y60cgoTI67usGeIe0+5+KYR2AI6p0asx7EgmjV96EJQ2o1tLUIdyY9cmGixGQN8QoU=
x-amz-cf-id: WKDH1gVRdDkuiuhDoqfYdIk65tsAkuF2E7lydaLZeP6n8cXWoFzScg==

GET
H2 200 side_insta_ban.jpg
www.fleuri.cc/pc/img/common/right_menu/ 15 KB
16 KB 2930ms
2925ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/right_menu/side_insta_ban.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 883cc9007f21e7c3137547bbcf9aa9a49a1049f0142f35f23e9f26534502b61c

Request headers

:path: /pc/img/common/right_menu/side_insta_ban.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:35 GMT
server: AmazonS3
x-amz-request-id: 4YTS0Q28DN9AVH9A
etag: "2b88def48ab5fc29e69ca53ac66ecd9f"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 15569
x-amz-id-2: Mi4tUs3dWdFkmYBT1yuHSBFrMBWwhXh+K3QVEflZafGxyhtl4U33kj4n+J0LgPna3fIWgUzf+Bc=
x-amz-cf-id: IN2BH2IhIAF6GgmHgxfm_nYbP60TSo0HkcCWBY8hgrWmPGny6jJNWQ==

GET
H2 200 side_fb_ban.jpg
www.fleuri.cc/pc/img/common/right_menu/ 12 KB
13 KB 2794ms
2788ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/right_menu/side_fb_ban.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e602625dd109f5e2af3f2f9803b296abd5f2a3ce8a561af5b79d1eccd674e65b

Request headers

:path: /pc/img/common/right_menu/side_fb_ban.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:35 GMT
server: AmazonS3
x-amz-request-id: WE0ER6FQFS6M5YQ3
etag: "f6ad2b104009a7992da18c5c390dc135"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 12444
x-amz-id-2: zUgWWmbSjarlfA4BL2tG/lB+/50dLZwsffVVR4tFshVcEU4A56SwevyYlfCebz5y5EJ+WukCNeo=
x-amz-cf-id: Wv3yhlzRmrtBNHzhWlv5LOnaPApO4Ndof2UEWk0qwZpI-BoowoCenQ==

GET
H2 200 side_yamato_ban.jpg
www.fleuri.cc/pc/img/common/right_menu/ 8 KB
8 KB 2850ms
2845ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/right_menu/side_yamato_ban.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a85df0da7dfba048f2d7a8d0002534bcdff0519c1ce1cd3316a7a02791c8cd50

Request headers

:path: /pc/img/common/right_menu/side_yamato_ban.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:35 GMT
server: AmazonS3
x-amz-request-id: 4YTTDBVEJ1SPETPK
etag: "bfbcfb3a21db816e0d505435780c1648"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 8022
x-amz-id-2: rdhy4K8UXg7LeX7D5EXcu1bRsL5oMY6yPcxkjRvq0JcJNM7kRJRx8ZcCKXMTUF/hy0GqGXhpmyA=
x-amz-cf-id: rJiQIzYvWGcjS__k4WdjnFIss2Jv5FZuwxAe6xq0JMKdalsf8BSArg==

GET
H2 200 toTop.png
www.fleuri.cc/pc/img/common/footer/ 690 B
1 KB 2803ms
2798ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/footer/toTop.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b17e2fbefc934032cc3fc59f5676eb51e9b110212bc1f7bf89731570747a5864

Request headers

:path: /pc/img/common/footer/toTop.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTXMB5WFW5VXMR8
etag: "38519787f9e8a34633b76f58a63c2098"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 690
x-amz-id-2: v2wknNdJLkPntGp5FUshW/rIZHhxYHQIal1tQaO5nw1t052URx0xZ6w//6cz0OuFSbBMpbSdKO8=
x-amz-cf-id: l1fdd84rI0uH79cs7Ho87E8WxIgLDqm95DXXX2AwpcdDcohZrBpfag==

GET
H2 200 footer_logo_white.png
www.fleuri.cc/pc/img/common/footer/ 3 KB
3 KB 2888ms
2883ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/footer/footer_logo_white.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9521dc0fb84edd1468a5730229e7c95a066c91082d04ef3faf6df2cebfa5d6d9

Request headers

:path: /pc/img/common/footer/footer_logo_white.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTJ5BZMWT72PVJ0
etag: "b291d02d76a3e26ce26e06e86a3db3d0"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2645
x-amz-id-2: nzEwre/WfyA9wdg8imFJGesY0Gj7Crhq67LMRoFMIc3tU2ANnd0lwyQbmnhw0+srhk7r1Ehf9/o=
x-amz-cf-id: De3UxmJZnFT59XKQri6c5D1i5aUj7NvZv69VpIQZhpzwydxO4Y80Hw==

GET
H2 200 footer_img_center.png
www.fleuri.cc/pc/img/common/footer/ 3 KB
4 KB 2953ms
2948ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/footer/footer_img_center.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9958c4c539da6ddd7c7c120870332eca105f57bb4f6c5704cc4a135b94b8cbce

Request headers

:path: /pc/img/common/footer/footer_img_center.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTZD4V0XCSJ9TDX
etag: "2de8b00991c411ce2aedb59749a3cd64"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3576
x-amz-id-2: C32fTlugTKJnwq4av36aF6Ehs6yxyD7JIGCifP4ge3iz+GFlYWQcZwsHRfKTXVnvTZY+nFgrAZI=
x-amz-cf-id: 0ZPsmXh3lHpw8Ra2A4QRMUB5gJnib12uCNDGsJNqfR-5o47qzOajkA==

GET
H2 200 footer_tel.png
www.fleuri.cc/pc/img/common/footer/ 2 KB
2 KB 2860ms
2855ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/footer/footer_tel.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54e21cbd392db32de589e2f4b2aa54c64a645678ddddbadf3c19852b82d9c4dd

Request headers

:path: /pc/img/common/footer/footer_tel.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTHRPWYYYX6QGKV
etag: "293d93f1ee2bf77a28689d70d0472bc8"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1786
x-amz-id-2: RqhbTQSmh7XQL6MpDFHw9UMS052zjp0mVaVgNHzwgUbnSYEmRAAPvy9L2KgUh2lVdrqYa9I/IbY=
x-amz-cf-id: CMm8zucBrZjqIJS4o7aMUrxNOgSL89cj2N_qn5gBoYOsgve2N2rOGQ==

GET
H2 200 footer_contact.png
www.fleuri.cc/pc/img/common/footer/ 1 KB
2 KB 3018ms
3013ms Image
image/png 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/footer/footer_contact.png
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a959edf4308e54ebd8ffb56b72037e480ce31fe3e7282270777671475a21e69f

Request headers

:path: /pc/img/common/footer/footer_contact.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTZJ1TCBKD87XSA
etag: "d36ca7af408d6da5ea351b19cfe0ad47"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1338
x-amz-id-2: BMy+oGT0gaVjCmB4U/DZkCGXfkFs2gg9ruTtdJDLSKrDLa8fHZYksA/LsAKUT/1fD8Q4bWCaGXg=
x-amz-cf-id: fmTh_8g6j7PaV6woC7lyPBXXl5C_wanKAYVt3lBh50X5DKDmcMrB3A==

GET
H2 200 app.js Show response
www.fleuri.cc/js/ 458 KB
138 KB 1053ms
1053ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/js/app.js?id=a6689f54fdf6064b3551
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9599a595478fccc670e46ec9e1adf19a06a2c36cb6a7207be86c01b9c4c72cc6

Request headers

:path: /js/app.js?id=a6689f54fdf6064b3551
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"a6689f54fdf6064b3551a0915c0418f6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: ylDPsql9M9Rzyc-ABTz8OF_BCOSxAIquhYE2y_uQ9av-pBZjLC6CyQ==

GET
H2 200 site.js Show response
www.fleuri.cc/pc/js/ 14 KB
5 KB 999ms
999ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/js/site.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db4ffe90f680e33d97001c7f9bebc1de9735c603bc8acf436c3e0a79d575a57b

Request headers

:path: /pc/js/site.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:39 GMT
server: AmazonS3
x-amz-request-id: P4PDDX10WX8RSYHS
etag: W/"de222862617980d13f115c51e5a0f639"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: __c9Zth2s4PKgdqwYpy5H3YrrGx3ubQbKnbZFr_oNlfsD6GcKnTBSw==
x-amz-id-2: EkmT7fRTtTPPNy7mRd1N0kUwYUpIsD3Gefopa9q7UT57fc2dfWtm9cZOreZY9syeh8VeB6mE5OA=

GET
H2 200 script.js Show response
www.fleuri.cc/pc/js/ 1 KB
987 B 984ms
975ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/js/script.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e52c11ecc28d4597646cc0e11202555b121008a911f48b401247df6a19b14a

Request headers

:path: /pc/js/script.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:39 GMT
server: AmazonS3
x-amz-request-id: P4PEJBVGG214TSMH
etag: W/"5fab8aefbb080fb020c6a860dd36f5a1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: cW7_E9Yhya9_GNdxa26ri2XxKPrljnoFDqVawlBYKjidD30v5Gs_Tw==
x-amz-id-2: N3+1EzPXusra2slPONMX7u0pv7BEQEFzn0Q+EC1EV5CushFRbH55keHfZ6+hVxlKHeiBCMYNXDA=

GET
H2 200 yotpo-jp-fixes.js Show response
www.fleuri.cc/pc/js/yotpo/ 1005 B
876 B 1033ms
1022ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/pc/js/yotpo/yotpo-jp-fixes.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7569fb74511e863e33fe30fc17befed5b88855cbf61ce56aa34638ae544b548e

Request headers

:path: /pc/js/yotpo/yotpo-jp-fixes.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 12:10:39 GMT
server: AmazonS3
x-amz-request-id: P4P5P4907QEARM1Z
etag: W/"bc110d05b5006042ea1c316501c8492d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: zaiZ6ChC286eabuZ6XN0LAHUACTB1yyDrp2aY5G9eNhtVACYMJQjnQ==
x-amz-id-2: W976BSKNEnF/r8wyAVJpkwSRRloK5tE+X+q2m7O6nQHm6c7lJTI6pE/OK7yrTpO2WWXZOo27PJc=

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 51ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

36e1c00cb349689663b0abb4b6d7dd216e943087d56ffd54ff29093e7315224e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17353
x-xss-protection: 0
server: cafe
etag: 4619952618947136886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 19:43:38 GMT

GET
H/1.1 200
OK pixel.js Show response
cd-ladsp-com.s3.amazonaws.com/script/ 1 KB
2 KB 997ms
251ms Script
text/javascript 52.219.137.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd-ladsp-com.s3.amazonaws.com/script/pixel.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.137.37 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-northeast-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef71352e0a4b4b55774686c8bb9ad5783b33460c6dae197532b954f008379390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:40 GMT
Last-Modified: Wed, 08 Jan 2020 07:33:56 GMT
Server: AmazonS3
x-amz-request-id: P4P51HZSD5TR6M5K
ETag: "ce6d701190191d9e53a73c451743d171"
Content-Type: text/javascript
Cache-Control: public, max-age=864000, immutable
Accept-Ranges: bytes
Content-Length: 1480
x-amz-id-2: zcMHX1iAI59gKs7x/CjJNVZ9bz7RuMprS9i3Z+Jaml3apBj8AquDQ1jOB18ytMa0dO0sX3ofwcg=

GET
H2 200 s_retargeting.js Show response
b92.yahoo.co.jp/js/ 7 KB
3 KB 2577ms
258ms Script
application/javascript 183.79.249.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://b92.yahoo.co.jp/js/s_retargeting.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: ATS /
Resource Hash: 28a324c1f6f30d5787f8df1cd4e59e412e803a266c3fcd0f92a32fc648a36d89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 18 Sep 2021 19:39:04 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 08:51:59 GMT
server: ATS
age: 276
vary: Accept-Encoding
p3p: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
cache-control: public, max-age=600
accept-ranges: bytes
content-type: application/javascript
content-length: 2723
expires: Sat, 18 Sep 2021 19:49:04 GMT

GET
H/1.1 200
OK bl_track.js Show response
d-track.send.microad.jp/js/ 5 KB
6 KB 1035ms
252ms Script
application/javascript 103.142.124.65
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://d-track.send.microad.jp/js/bl_track.js

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.124.65 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

99528b17c7d835da7daa52057e7231556fcc69df7d185935cd631661ff798b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:39 GMT
Last-Modified: Tue, 12 Dec 2017 06:07:55 GMT
Server: Apache
ETag: "1464"
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 5220
Expires: Sat, 25 Sep 2021 19:43:39 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 65ms
17ms Script
text/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2771
date: Sat, 18 Sep 2021 18:57:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 18 Sep 2021 20:57:27 GMT

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ 293 B
700 B 103ms
14ms Script
application/javascript 23.45.103.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/10345300125.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.103.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-103-78.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 55ad22cba594ee369441d15314da77d2dc7df216a93d0ea92aa632141e0782a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: NZ7CRE7BTGDHZ1R3
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=37336
Date: Sat, 18 Sep 2021 19:43:38 GMT
Connection: keep-alive
Content-Length: 293
x-amz-id-2: DAvXgr9JdkWMpwawCyYObuunXb4hZGsXAkERTmx7JbO4trC7OWcAMtmOZVXq0xAKdmbL1/9gTvQ=

GET
H2 200 pixel.js Show response
cdn.smartnews-ads.com/i/ 4 KB
2 KB 113ms
21ms Script
application/javascript 2.18.232.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartnews-ads.com/i/pixel.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0f6ed6203c6b84794084f41991dbc9fc608853a2cf1d097651314af3696ac0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: o6uFnmvCc1lP0uUXzfLmJEfML4lM1rmW
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 01:24:51 GMT
etag: "5d6c0b3ff41e9d7ec5cdd6a3b9b5a227"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=199
date: Sat, 18 Sep 2021 19:43:38 GMT
accept-ranges: bytes
content-length: 1574
expires: Sat, 18 Sep 2021 19:46:57 GMT

GET sdk.js
static.bytedance.com/pixel/ 0
0

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 149ms
22ms Script
application/javascript 2.18.232.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-182.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 261595338fd9066332abdbde9ab8f2cf826985e226e2d03904777799e54c9665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: gzip
last-modified: Tue, 10 Nov 2020 06:15:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=682
accept-ranges: bytes
content-length: 9865
expires: Sat, 18 Sep 2021 19:55:00 GMT

GET
H2 418 widget.js
staticw2.yotpo.com// 0
0 145ms
120ms Script
text/plain 2a02:26f0:6c00:287::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com//widget.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:287::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
server: nginx
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-methods: GET,POST
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
access-control-allow-origin: *
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=98
access-control-allow-headers: *
content-length: 0

GET
H2 200 voicecount Show response
www.fleuri.cc/blog/ Frame 1100 6 KB
6 KB 891ms
888ms Document
text/html 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/voicecount
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1764bf1b7554d436e919a1ff3685210e6c9c6d7ba84cdebf7b756a31a48b471e

Request headers

:method: GET
:authority: www.fleuri.cc
:scheme: https
:path: /blog/voicecount
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fleuri.cc/
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 18 Sep 2021 19:43:39 GMT
server: nginx
x-cached: Sat, 18 Sep 2021 19:43:39 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.fleuri.cc/blog/wp-json/>; rel="https://api.w.org/" <https://www.fleuri.cc/blog/?p=171>; rel=shortlink
x-cache: Miss from cloudfront
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _lO8T2ro0yaiPiQuBh-kNJxhnnUnRFLqlT2DWceFCyPYRab9VMxAFw==

GET
H2 200 newsfortop Show response
www.fleuri.cc/blog/ Frame 8291 15 KB
16 KB 917ms
915ms Document
text/html 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/newsfortop
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0df4f4b3fa4d5d41179d18856f3e0692ce24ba61672fb7dd756243ee45db3135

Request headers

:method: GET
:authority: www.fleuri.cc
:scheme: https
:path: /blog/newsfortop
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fleuri.cc/
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 18 Sep 2021 19:43:39 GMT
server: nginx
x-cached: Sat, 18 Sep 2021 19:43:39 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.fleuri.cc/blog/wp-json/>; rel="https://api.w.org/" <https://www.fleuri.cc/blog/?p=3579>; rel=shortlink
x-cache: Miss from cloudfront
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _PaHA8f6hvMwfXCtgSGSp7lqIeOjEiWOIFPB1LBoqoJnf5z1cNKNPg==

GET
H2 200 skincarecount Show response
www.fleuri.cc/blog/ Frame C330 5 KB
6 KB 995ms
994ms Document
text/html 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/skincarecount
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aa7cea1a39b870bedb4b2853fecb107b73b646189b1acd8e3c6472ba5c7e8a7c

Request headers

:method: GET
:authority: www.fleuri.cc
:scheme: https
:path: /blog/skincarecount
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fleuri.cc/
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 18 Sep 2021 19:43:39 GMT
server: nginx
x-cached: Sat, 18 Sep 2021 19:43:39 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.fleuri.cc/blog/wp-json/>; rel="https://api.w.org/" <https://www.fleuri.cc/blog/?p=169>; rel=shortlink
x-cache: Miss from cloudfront
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: oB4eYaUCtrICXckrrEAEh75c4KmFP7PqfpDwFN4w3-sMPe-3ECvOWA==

GET
H2 200 bg_nav.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
3 KB 2928ms
2925ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/bg_nav.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/pc/css/common/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f7d27ec5d72fb9eea704926ee77f5561f5b2387cf0b28a86008be63c2c919e8

Request headers

:path: /pc/img/common/header/bg_nav.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/pc/css/common/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/pc/css/common/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTK0JKBNMJRY7JW
etag: "3cf33aec09e6282d0dee3a23a8dd7489"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2631
x-amz-id-2: rgXB2C2LxxuxzAi4ASghV6F6XiQncRhW1C5swu2JoLoQZTBRSNlukVsHHVFR29FOPnpvuEM4gTc=
x-amz-cf-id: 68IhC93-dxxgDeUkUnZMSKieawdjgvwcgmQtAdBD9fcpry7ouQhSAA==

GET
H2 200 nav01_o.jpg
www.fleuri.cc/pc/img/common/header/ 2 KB
2 KB 3071ms
3069ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav01_o.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/pc/css/common/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9988adbb1e09f87a942088a13510186763ea55d55c4e8d034c66217ad6ab5233

Request headers

:path: /pc/img/common/header/nav01_o.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/pc/css/common/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/pc/css/common/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTZTMP1GK72ZWM5
etag: "df502a4795a62517a4bac856dbdb13e9"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1848
x-amz-id-2: xIwIGF1ftmY9Wr9OiwUmmJzWxlPj7c1ZQ+DniCjYD9l4YQ2zOUh18ERiobroWOhIJNMRvFJQ/aw=
x-amz-cf-id: 5Iy-OVHsUOFtOkyooId3khL7quehWW2jgVX-zQEL8E5Yw7kwvs0RGQ==

GET
H2 200 nav02_o.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
3 KB 3096ms
3093ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav02_o.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/pc/css/common/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 838df9ed704db97391f080b25ad6c97045ebb661c3ee74ff4bcf5bfcada2690c

Request headers

:path: /pc/img/common/header/nav02_o.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/pc/css/common/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/pc/css/common/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTG0SFKMXC0VWZ2
etag: "2d12edc5a82a8bec1a0396b3385bd502"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2769
x-amz-id-2: J2Jzho/PABGXrktoSmURdlWb7wXgKTIG05M70lngJ1TTqmx5GqkQa83DOd30b9U1f6jj+CBNnFY=
x-amz-cf-id: 8NkiUsSbSCjsARPPZ3b08Odou2s_TC3UFGe95v9tDTMUkGN_PHINXw==

GET
H2 200 nav03_o.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
4 KB 2873ms
2871ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav03_o.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/pc/css/common/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af3b9ece03241bb4ebe2be211bb39553dae8a4387899927e4929d985c244ae85

Request headers

:path: /pc/img/common/header/nav03_o.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/pc/css/common/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/pc/css/common/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTJX3SEGHSC95Y2
etag: "a91be33d8423bae81a93d5ae0b9368f4"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3367
x-amz-id-2: XzI2UxkbxKZNmuDqmwYbgxEa7+wollhbsf1lcTtlHCucxqC7bMela16qYBBzta82i9+9CnvK+gM=
x-amz-cf-id: -q0wK2bBoHoEPNM2royvPZE_CgfF24Y5m4HLSixrS2Tej2GMtgYMEQ==

GET
H2 200 nav04_o.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
3 KB 2874ms
2872ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav04_o.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/pc/css/common/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 153c96ad5d5c58461027d8d1a25cb192fd9243ca97be31f021915d015c907d80

Request headers

:path: /pc/img/common/header/nav04_o.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/pc/css/common/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/pc/css/common/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTHZJBGGG940N7Z
etag: "7ac789c43658b847fc11863bb23bda52"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2670
x-amz-id-2: sy0hJheE/kSNyLzStfAkJ5VtbpMJfIeRTNDXEIdIByeCXeIfTaEb1YdVKd+kLD0MibHqrgZvdG8=
x-amz-cf-id: gqONz3Uhz8j_LiozUsYp80qhBwXAbxguBbh-bLnyHYIBcURgZxQg6A==

GET
H2 200 nav05_o.jpg
www.fleuri.cc/pc/img/common/header/ 3 KB
3 KB 3084ms
3081ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/header/nav05_o.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/pc/css/common/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a675cba7b068715d81601e794dc8103155c151a6febc2e34801e5e6ea841c3b

Request headers

:path: /pc/img/common/header/nav05_o.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/pc/css/common/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/pc/css/common/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTYGH1HGFSC6TWK
etag: "b5f99df7349b4ba7f3d0947132944b8a"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2907
x-amz-id-2: MNSvGMbnxn+SzH3Vk9i0U+mqFIM0qqJJCyyFgtOHfGRqJgiWOl6Od59Dpg28v6yvhuhuKl2y8Ng=
x-amz-cf-id: vRv6l-bG65JYRTKEa7iIFbT1MJOmAc8qGJTSnIOg-0MHZqxbZGxDPQ==

GET
H2 200 bg_footer.jpg
www.fleuri.cc/pc/img/common/ 16 KB
17 KB 2866ms
2864ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/pc/img/common/bg_footer.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/pc/css/common/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 560825ae9bdf057573429755507dcd12f4409a80226ea1f6089e76938f4489c9

Request headers

:path: /pc/img/common/bg_footer.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/pc/css/common/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/pc/css/common/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 12:10:34 GMT
server: AmazonS3
x-amz-request-id: 4YTK8B33N5YDV4FP
etag: "d53190363467b9b2891e663acdbaeb05"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 16854
x-amz-id-2: vI20/6dRpnxUjCRg4qns07/GfMHlD+pQnLjlz/bc0d7oVVSdMICWN3RD2rrN7qSgCB7tvUScfFk=
x-amz-cf-id: eKPVTr8LKznYlM0IiH-JBYpg809Wk713PTR1UqsEzjXYOsv1aNE3vA==

GET
H2 200 a10345300125.html Show response
a10345300125.cdn.optimizely.com/client_storage/ Frame C288 2 KB
1 KB 83ms
15ms Document
text/html 23.67.128.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a10345300125.cdn.optimizely.com/client_storage/a10345300125.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/10345300125.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.128.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-128-30.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

eee8f7d5892b1cb2caac75467cf161ac2cd868e830891dac84709b2e541416d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a10345300125.cdn.optimizely.com
:scheme: https
:path: /client_storage/a10345300125.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fleuri.cc/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/

Response headers

x-amz-id-2: gk/81tvI6tYYhUdREXHKzMpn689IZQby3+2KEdF8ABo7y2RnZJEWAdsssqFEBgAvK17BAfw8WMY=
x-amz-request-id: CDSATMKZKYPA3Y7X
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Sep 2021 10:11:06 GMT
etag: "b542c3e4b8ef7e87dabfc2489daac849"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: cjRcqLR__rYlrQU639ACfC3A5ja0wwo1
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 815
vary: Accept-Encoding
cache-control: max-age=120
date: Sat, 18 Sep 2021 19:43:38 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="23.67.128.30";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 24ms
23ms Image
image/gif 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1676284591&utmhn=www.fleuri.cc&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&utmhid=880220846&utmr=-&utmp=%2F&utmht=1631994218623&utmac=UA-32130302-1&utmcc=__utma%3D38422900.749108967.1631994219.1631994219.1631994219.1%3B%2B__utmz%3D38422900.1631994219.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=261964580&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131374070-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-672187758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79687f1fcf53bc1d540dcae63dc538c15037a0eeb6578918ef1c45fa79e48523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40347
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Sep 2021 19:43:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-835661375&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-672187758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df9f00ecc5f967b2eada8aa69fc2781561a4e0f48f22bce34286c507f8bf5cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39186
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Sep 2021 19:43:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131374070-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3098
date: Sat, 18 Sep 2021 18:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 18 Sep 2021 20:52:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 29ms
28ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-835661375

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14042
x-xss-protection: 0
server: cafe
etag: 5157641309300231189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 19:43:38 GMT

GET
H2 200 p
i.smartnews-ads.com/ 2 B
178 B 729ms
237ms Image
text/plain 52.199.30.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=f30170e71544c2ea2045aad9&t=1631994218&url=https%3A%2F%2Fwww.fleuri.cc%2F&referrer=&e=PageView&v=1.0.0&exid=d8d96105-d3b7-4c44-b29d-20c4e5d132df
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.30.188 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-30-188.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/835661375/ 2 KB
2 KB 73ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/835661375/?random=1631994218709&cv=9&fst=1631994218709&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc614318fbfd9d4d2b1f6bdfdb6a1c798ed2a1cf859bf01110a4fbffeae04787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/672187758/ 2 KB
1 KB 74ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/672187758/?random=1631994218711&cv=9&fst=1631994218711&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe4f7372bb1015d2035f015377a71d804d8a51c18b590307fb473ddfb1d937eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1099
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 17ms
17ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=880220846&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fleuri.cc%2F&ul=en-us&de=UTF-8&dt=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=38422900.749108967.1631994219.1631994219.1631994219.1&_utmz=38422900.1631994219.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1631994218719&_u=YQBCAUABAAAAAC~&jid=925720425&gjid=1133705907&cid=749108967.1631994219&tid=UA-131374070-1&_gid=551631447.1631994219&_r=1&gtm=2ou9f0&z=1002905851

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fleuri.cc/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fleuri.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 777ms
252ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=d53dc435-95b4-4006-ad99-1974e9ef3f18&b_u=https%3A%2F%2Fwww.fleuri.cc%2F&b_d=www.fleuri.cc&b_p=%2F&b_t=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&c_t=lap&t_id=4eded2aa-6dc6-4528-ac90-d895325b7809&s_id=8ce396fd-a4bedafe&x4=1&e=pv&v=3.0.0&_t=1631994218765
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:39 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/835661375/ 42 B
108 B 76ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/835661375/?random=1631994218709&cv=9&fst=1631991600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&async=1&fmt=3&is_vtc=1&random=678700482&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/835661375/ 42 B
108 B 45ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/835661375/?random=1631994218709&cv=9&fst=1631991600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&async=1&fmt=3&is_vtc=1&random=678700482&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/672187758/ 42 B
569 B 73ms
30ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/672187758/?random=1631994218711&cv=9&fst=1631991600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&async=1&fmt=3&is_vtc=1&random=500069755&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/672187758/ 42 B
569 B 41ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/672187758/?random=1631994218711&cv=9&fst=1631991600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&async=1&fmt=3&is_vtc=1&random=500069755&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 voice.css
www.fleuri.cc/blog/css/ Frame 1100 5 KB
2 KB 250ms
247ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/voice.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6f9d2afc8bab66ceee5d55d9c3e787d67d9592ce30909408d1a82ad7282fc61

Request headers

:path: /blog/css/voice.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 16:37:32 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d07cc-124e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: YXH7GwfBUX-9X1E8rKwGIeWepvhpdzvsxZmqQEz25XWDtpAB9LQ7iA==

GET
H2 200 table.css
www.fleuri.cc/blog/css/ Frame 1100 562 B
860 B 250ms
246ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/table.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 953a3b5a802a49e944fda8f1294a97c4c365cd6f052bad52e5ad2f1d6d36c8df

Request headers

:path: /blog/css/table.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2019 16:37:32 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5d0d07cc-232"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 562
x-amz-cf-id: 4wT_fkxVklKcHS3Ntl4ohX2LVkAyximc5RZ8lhce_qtL19oKGenMkw==

GET
H2 200 count.css
www.fleuri.cc/blog/css/ Frame 1100 2 KB
778 B 249ms
246ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/count.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f7072b4e5530be9bf6989a0d9a2573bb5d93ac105b7b5b9ff40f57ed40323dc0

Request headers

:path: /blog/css/count.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 16:37:32 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d07cc-6d4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: jmEvxSaE8Akudg8A8QrzKLyD_tvHPHDnnsi8VXkjvsLdhGwLMAKeBg==

GET
H2 200 css
fonts.googleapis.com/ Frame 1100 1 KB
925 B 72ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f631b7f7428056e6244917bca72f7e2c3a9d90063810a86f3a3d3b9497c9b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:29:14 GMT
server: ESF
date: Sat, 18 Sep 2021 19:43:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Sep 2021 19:43:39 GMT

GET
H2 200 style.min.css
www.fleuri.cc/blog/wp-includes/css/dist/block-library/ Frame 1100 29 KB
5 KB 250ms
247ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.2.12
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

:path: /blog/wp-includes/css/dist/block-library/style.min.css?ver=5.2.12
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 13:47:14 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"607843e2-7257"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: XhyWDgv-ibwsarBEkHIMYl21VNTvGeWNb8JkIEMAPUV2aQUQiqeDog==

GET
H2 200 styles.css
www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/css/ Frame 1100 2 KB
878 B 250ms
247ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

:path: /blog/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Mon, 05 Aug 2019 01:25:35 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d47858f-695"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: 4RnuMpMnN6vtl8WCoN0k7Fnm9aif9zvfENL9BYffyykP8XclvsQjOQ==

GET
H2 200 styles.css
www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/css/ Frame 1100 224 B
524 B 251ms
248ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/css/styles.css?ver=5.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2529e6744614421fbd4dbeaacc8d5dcda829fb233eb8cee1d45cb6f1bafbec80

Request headers

:path: /blog/wp-content/plugins/contact-form-7-add-confirm/includes/css/styles.css?ver=5.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2019 17:12:17 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5d0d0ff1-e0"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 224
x-amz-cf-id: 43Uoi6wENV7ovuWgBDUEXb9QyqgZUSVzP_lW_MCva7Zr2MpZ5hlLQw==

GET
H2 200 jquery.js Show response
www.fleuri.cc/blog/wp-includes/js/jquery/ Frame 1100 95 KB
33 KB 249ms
247ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2019 13:43:53 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0b8d99-17a69"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: oMTWdK2QLdhfH3oUUH1-6A_crkseyNwz2dUXrsaxK8sjkOeGukL6nw==

GET
H2 200 jquery-migrate.min.js Show response
www.fleuri.cc/blog/wp-includes/js/jquery/ Frame 1100 10 KB
4 KB 254ms
251ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2019 13:43:53 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0b8d99-2748"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: scc5zzFOZbNqURXSYvwlK9vbM0IKbVIge37tvT1rK4ttcmXTTFsWZQ==

GET
H2 200 script.js Show response
www.fleuri.cc/blog/wp-content/plugins/vk-link-target-controller/js/ Frame 1100 374 B
683 B 252ms
250ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/vk-link-target-controller/js/script.js?ver=1.3.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 12c72ac36dc2ee06d7376aeb7b525086f213acc40eff4462d738c9afddcbe470

Request headers

:path: /blog/wp-content/plugins/vk-link-target-controller/js/script.js?ver=1.3.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2019 13:43:50 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5d0b8d96-176"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 374
x-amz-cf-id: 3AuaK4QmoWbRRfgMvIK4ro4NescfDrfzgoN93lE4hwlSNu5_Pu3yWw==

GET
H2 200 scripts.js Show response
www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/js/ Frame 1100 14 KB
4 KB 251ms
250ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

:path: /blog/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Mon, 05 Aug 2019 01:25:35 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d47858f-3868"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: W3EXni3Fl0A3GSdP6gPrAOF3smaUlWBJWuPJWUB2ocwMA-QdUOtm3w==

GET
H2 200 jquery.form.min.js Show response
www.fleuri.cc/blog/wp-includes/js/jquery/ Frame 1100 16 KB
6 KB 255ms
253ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c

Request headers

:path: /blog/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 13:47:14 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"607843e2-3e8f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: BYpc8_8gk9Fw2ECcYtyv9NO82Zujd20edATVJP7xZncYRjWZFJmz8A==

GET
H2 200 scripts.js Show response
www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/js/ Frame 1100 7 KB
2 KB 255ms
253ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/js/scripts.js?ver=5.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a0b4845ba969885a5d65494fc1431680588dd83b0497b9342175f5a1d1e9573

Request headers

:path: /blog/wp-content/plugins/contact-form-7-add-confirm/includes/js/scripts.js?ver=5.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 17:12:17 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d0ff1-1b59"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: PA3-4jfP99jhy6p_ThyJ7YRok9goC15Km6Avf-dIUtVhSE18lgfmww==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 1100 919 B
773 B 29ms
26ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19a26a5ad31a41f17b9bccf4338566d03e43687197ab10b47325b1bd45b55237

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Sat, 18 Sep 2021 19:43:39 GMT

GET
H2 200 wp-embed.min.js Show response
www.fleuri.cc/blog/wp-includes/js/ Frame 1100 1 KB
965 B 254ms
252ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/wp-embed.min.js?ver=5.2.12
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/voicecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /blog/wp-includes/js/wp-embed.min.js?ver=5.2.12
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/voicecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 13:47:14 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"607843e2-56f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: 1UjGVvpbtIC8nven1MjDN6VCoFcUFXdoBbzdf85EDfIu0Vd7irhT3w==

GET
H2 200 reset.css
www.fleuri.cc/blog/css/ Frame 8291 2 KB
1 KB 250ms
248ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/reset.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d9c2d6a85b73160d55073d1d72237f5b22f69f75dd16b60c8817313d5154446

Request headers

:path: /blog/css/reset.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Tue, 23 Jul 2019 09:59:10 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d36da6e-730"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: 4i_63tvAB29M8lwjz_otZ2N-GFOJl7QIaAaR-S1DQTIzorS144PpZQ==

GET
H2 200 reset2.css
www.fleuri.cc/blog/css/ Frame 8291 3 KB
1 KB 257ms
255ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/reset2.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 52226277699f21f087828599f9b7da09978f5a411ae7aa0457a38a2e9c93d5b2

Request headers

:path: /blog/css/reset2.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2019 08:47:22 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d108e1a-bfe"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: ZXaWOFLQJt6T8CfVTlp7MRuvTQtgRw07pymMjfhSn8SnxiXORJt1tA==

GET
H2 200 common.css
www.fleuri.cc/blog/css/ Frame 8291 11 KB
3 KB 259ms
256ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/common.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 20b38fcd93d75d872fdf0be0e6a1902085b1c823c0bf786277cd8a3ab87bf88e

Request headers

:path: /blog/css/common.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 16:37:32 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d07cc-2cc6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: aMD2iY0fN0EWu2k3AwcDsdKMZAEGiW0RX1AF6IhUvCOhee-rO4itHw==

GET
H2 200 nav.css
www.fleuri.cc/blog/css/ Frame 8291 498 B
797 B 255ms
253ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/nav.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a8047e4d5cf979b39adf7e31a26dfa888f67cd7adcd272ef2178b6c3e8f4fe4

Request headers

:path: /blog/css/nav.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2019 16:37:32 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5d0d07cc-1f2"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 498
x-amz-cf-id: Tj9pjVzYa9dOBzi-wsFiYelfGwYeglfBppWqyG4MJtUUvH1JCqYxfw==

GET
H2 200 news.css
www.fleuri.cc/blog/css/ Frame 8291 383 B
681 B 250ms
248ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/news.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 72c9ca239d52f17ddd30823b8f9108231a3cf36bdc10abd677d389d75696f90a

Request headers

:path: /blog/css/news.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2019 16:37:32 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5d0d07cc-17f"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 383
x-amz-cf-id: FHjJ4L6jGFay4bwiF4rQrqqGC5700o_epM6bCGs_cfgU-CeibL_CMQ==

GET
H2 200 prettyPhoto.css
www.fleuri.cc/blog/js/prettyphoto/css/ Frame 8291 17 KB
2 KB 256ms
254ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/js/prettyphoto/css/prettyPhoto.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d8e194a368e509276cabfd4caeb724e5fc7bdeb16ce840e955e596565ddd313

Request headers

:path: /blog/js/prettyphoto/css/prettyPhoto.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2019 13:43:55 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0b8d9b-4204"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: JkRq4SRrzq_14mFwHIRBwrDNMIr1iIi7uZF6iwWHqB-G_wjA0vyLrg==

GET
H2 200 flexnav.css
www.fleuri.cc/blog/sp/css/ Frame 8291 2 KB
977 B 255ms
253ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/sp/css/flexnav.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e4caa3aeae7560299fa0c0414ba10c9024cd2d5c4f6bba643c2e08b29a395682

Request headers

:path: /blog/sp/css/flexnav.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Mon, 22 Jul 2019 09:57:30 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d35888a-8bf"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: 3C2PYE0dsrwEXuXV7V2Eb3J2N1-yumIL1AsbBhzjUOafcGqCxilsMQ==

GET
H2 200 acms.css
www.fleuri.cc/blog/css/ Frame 8291 24 KB
5 KB 255ms
253ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/css/acms.css
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed9aa95e968b0cef83cdc7fc30bd038a578120b4b25531d903a2bb51dce43b7

Request headers

:path: /blog/css/acms.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 16:37:32 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d07cc-5e0b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: pRc8JFGX-CL2CWSxM8ZNvzxCoB0I2XqJd-8XNn4NvhpFdBzgcjlJGw==

GET
H2 200 jquery.js Show response
www.fleuri.cc/blog/js/ Frame 8291 252 KB
69 KB 257ms
256ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/js/jquery.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a415c4922b4ed1f6170ab6b8e367b2d194fd8d37c0d038fdae33c1e30c56ce5c

Request headers

:path: /blog/js/jquery.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 16:30:38 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d062e-3ef56"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: -OdJndsiim8vOoSQL1wGNweT3Pc8_OwIkFB85OjG4a3TUMWUOXGUlg==

GET
H2 200 lower-jquery.js Show response
www.fleuri.cc/blog/sp/js/ Frame 8291 1 KB
792 B 253ms
252ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/sp/js/lower-jquery.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 187f9b0598a85bca461dad3c45443c4ffc5a63a4ea14e62ee6425b25768d7bc2

Request headers

:path: /blog/sp/js/lower-jquery.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 16:29:23 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d05e3-44b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: FBB4iHiBX5qHnnLJ62YJDBS0yAg9RywcBSppDiLigv65-GWl3xyLCw==

GET
H2 200 jquery.tinyscrollbar.min.js Show response
www.fleuri.cc/blog/js/ Frame 8291 3 KB
1 KB 263ms
263ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/js/jquery.tinyscrollbar.min.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 887ad483dbb92ca26aa2a7030643c545fe34e525c152db9d8927a8d14c133a82

Request headers

:path: /blog/js/jquery.tinyscrollbar.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 16:30:38 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d062e-ae1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: akA43dYvFDZbi_AEr84rmDEahYxR2pbTUPksBB7paVlDKd6kkZkA8g==

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
358 B 440ms
99ms XHR
text/plain 35.174.227.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/10345300125.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.227.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-227-42.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fleuri.cc/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 18 Sep 2021 19:43:39 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.fleuri.cc
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: a4f657ad-50fd-48ed-85ff-24e838fb9a1d

GET
H2 200 css
fonts.googleapis.com/ Frame C330 1 KB
512 B 30ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f631b7f7428056e6244917bca72f7e2c3a9d90063810a86f3a3d3b9497c9b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 19:26:48 GMT
server: ESF
date: Sat, 18 Sep 2021 19:43:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Sep 2021 19:43:39 GMT

GET
H2 200 style.min.css
www.fleuri.cc/blog/wp-includes/css/dist/block-library/ Frame C330 29 KB
5 KB 307ms
304ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.2.12
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

:path: /blog/wp-includes/css/dist/block-library/style.min.css?ver=5.2.12
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 13:47:14 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"607843e2-7257"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: SYxd3SvuErKX57R_QTBDNYMEEZdFRWr6XgF4fmCnsQ-W3EURJKh6vA==

GET
H2 200 styles.css
www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/css/ Frame C330 2 KB
879 B 256ms
254ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

:path: /blog/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Mon, 05 Aug 2019 01:25:35 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d47858f-695"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: XJGiJYcSLudlWrDQR_6R2hfB5DGpQC-L1lJwnjYJuRG0BEqhIw10IQ==

GET
H2 200 styles.css
www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/css/ Frame C330 224 B
523 B 307ms
304ms Stylesheet
text/css 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/css/styles.css?ver=5.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2529e6744614421fbd4dbeaacc8d5dcda829fb233eb8cee1d45cb6f1bafbec80

Request headers

:path: /blog/wp-content/plugins/contact-form-7-add-confirm/includes/css/styles.css?ver=5.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2019 17:12:17 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5d0d0ff1-e0"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 224
x-amz-cf-id: WhI1f6cWjlF87dLIYgQvFlhfh4RlJP4bG2UZG9p1RHqhxMkf3szsZw==

GET
H2 200 jquery.js Show response
www.fleuri.cc/blog/wp-includes/js/jquery/ Frame C330 95 KB
33 KB 258ms
255ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2019 13:43:53 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0b8d99-17a69"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: G5HZO82dwMzodErePVdIZdE-b8UBsaewYiCKNmoyTWMKdaHVBjE07g==

GET
H2 200 jquery-migrate.min.js Show response
www.fleuri.cc/blog/wp-includes/js/jquery/ Frame C330 10 KB
4 KB 258ms
256ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 20 Jun 2019 13:43:53 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0b8d99-2748"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: dETtKzhbGJi5iuVWLpQRUO5Up3_HlLDcdp0dC2k9Qg71y57E6RURwg==

GET
H2 200 script.js Show response
www.fleuri.cc/blog/wp-content/plugins/vk-link-target-controller/js/ Frame C330 374 B
684 B 255ms
253ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/vk-link-target-controller/js/script.js?ver=1.3.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 12c72ac36dc2ee06d7376aeb7b525086f213acc40eff4462d738c9afddcbe470

Request headers

:path: /blog/wp-content/plugins/vk-link-target-controller/js/script.js?ver=1.3.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2019 13:43:50 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5d0b8d96-176"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 374
x-amz-cf-id: QRHM35vsO4rAgLb6ysiPFC0twQjm5pXJ7GxWQcLsFaCGMS9IK90CKA==

GET
H2 200 scripts.js Show response
www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/js/ Frame C330 14 KB
4 KB 309ms
307ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

:path: /blog/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Mon, 05 Aug 2019 01:25:35 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d47858f-3868"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: wf0ZyqEb5RsrTAvYflIJFYiSdnCWvmvtvOUCOJ82fD72Pcnaiwbogw==

GET
H2 200 jquery.form.min.js Show response
www.fleuri.cc/blog/wp-includes/js/jquery/ Frame C330 16 KB
6 KB 250ms
248ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c

Request headers

:path: /blog/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 13:47:14 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"607843e2-3e8f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: UQtcyAiLYlrrUG5Gue3s6P6G36TPaIk-m3AzPc8TbzBdM329mfmDOQ==

GET
H2 200 scripts.js Show response
www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/js/ Frame C330 7 KB
2 KB 253ms
252ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-content/plugins/contact-form-7-add-confirm/includes/js/scripts.js?ver=5.1
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a0b4845ba969885a5d65494fc1431680588dd83b0497b9342175f5a1d1e9573

Request headers

:path: /blog/wp-content/plugins/contact-form-7-add-confirm/includes/js/scripts.js?ver=5.1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 17:12:17 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"5d0d0ff1-1b59"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: wfRZF-X7v190Eri4f5Viv9aFPadUSMBhRyn7bb2Y8E47LRxWm1yUAg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame C330 919 B
669 B 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19a26a5ad31a41f17b9bccf4338566d03e43687197ab10b47325b1bd45b55237

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Sat, 18 Sep 2021 19:43:40 GMT

GET
H2 200 wp-embed.min.js Show response
www.fleuri.cc/blog/wp-includes/js/ Frame C330 1 KB
965 B 305ms
304ms Script
application/javascript 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-includes/js/wp-embed.min.js?ver=5.2.12
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/skincarecount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /blog/wp-includes/js/wp-embed.min.js?ver=5.2.12
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/skincarecount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 13:47:14 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"607843e2-56f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-id: Y3ryl5sv9wTit3SNA_ZMf84lPQvFnSaIhCXkWh-2hLXh1gch0xQ-yg==

GET
H2 200 widget.js Show response
staticw2.yotpo.com/SLKwHz9NA4tKEtBEZraiyYi70nTjrSU8OUtuwwqS/ 444 KB
120 KB 243ms
242ms Script
text/javascript 2a02:26f0:6c00:287::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/SLKwHz9NA4tKEtBEZraiyYi70nTjrSU8OUtuwwqS/widget.js

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

45a42d84d91006002f7f8098a49855f961fd703675c84880023902f5136f048a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=119
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 9162d3a8d51ae7d4987b1529ffe3c1d7
x-runtime: 0.028117
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"457ee213d5d4767252706a2f2330b286"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1005479554/ 2 KB
1 KB 22ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1005479554/?random=1631994219680&cv=9&fst=1631994219680&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

63942bc6ed8fdf11ce911006f09660b8be726f0c42d0d9dd69484c5a81103f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1194
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1005479554/ 2 KB
1 KB 17ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1005479554/?random=1631994219689&cv=9&fst=1631994219680&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a7281999407162123037c6381a78519ab02ee28a8a1c4a1a31a746ce638bf844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1199
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1005479554/ 2 KB
1 KB 17ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1005479554/?random=1631994219737&cv=9&fst=1631994219680&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

99bca633f06dbe7cedb8da26e31841617942671d0d31b3112fbffd8351476f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel Show response
px.ladsp.com/
Redirect Chain

https://px.ladsp.com/pixel?advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=
https://px.ladsp.com/pixel?cr=true&advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=

527 B
870 B

239ms
239ms

Script
text/javascript

3.115.55.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ladsp.com/pixel?cr=true&advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.55.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-55-52.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 82951c3b6e1efd5ccd0adc2b19f69e08ccf97f84bbcef26f3cdcd962474418af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
cache-control: private, no-store, no-cache, must-revalidate
expires: -1
server: Logicad
content-type: text/javascript;charset=utf-8
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
server: Logicad
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://px.ladsp.com/pixel?cr=true&advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=
cache-control: private, no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
content-length: 0
expires: -1

GET
H2

200

/
www.google.de/pagead/1p-user-list/1005479554/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005479554/?random=188638701&cv=9&fst=1631994219680&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTyb...
https://www.google.com/pagead/1p-user-list/1005479554/?random=188638701&cv=9&fst=1631991600000&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1...
https://www.google.de/pagead/1p-user-list/1005479554/?random=188638701&cv=9&fst=1631991600000&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=12...

42 B
108 B

30ms
29ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1005479554/?random=188638701&cv=9&fst=1631991600000&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1061718979&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1005479554/?random=188638701&cv=9&fst=1631991600000&num=1&value=0&label=ETy-CP6m9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1061718979&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1005479554/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005479554/?random=427187559&cv=9&fst=1631994219680&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTyb...
https://www.google.com/pagead/1p-user-list/1005479554/?random=427187559&cv=9&fst=1631991600000&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1...
https://www.google.de/pagead/1p-user-list/1005479554/?random=427187559&cv=9&fst=1631991600000&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=12...

42 B
108 B

21ms
21ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1005479554/?random=427187559&cv=9&fst=1631991600000&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1181967356&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1005479554/?random=427187559&cv=9&fst=1631991600000&num=2&value=0&label=9ds5CPan9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=1181967356&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1005479554/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005479554/?random=1269476908&cv=9&fst=1631994219680&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTy...
https://www.google.com/pagead/1p-user-list/1005479554/?random=1269476908&cv=9&fst=1631991600000&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=...
https://www.google.de/pagead/1p-user-list/1005479554/?random=1269476908&cv=9&fst=1631991600000&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1...

42 B
108 B

24ms
24ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1005479554/?random=1269476908&cv=9&fst=1631991600000&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=2042587256&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1005479554/?random=1269476908&cv=9&fst=1631991600000&num=3&value=0&label=eagOCO6o9gIQgs253wM&bg=ffffff&hl=en&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=2042587256&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.css
staticw2.yotpo.com/SLKwHz9NA4tKEtBEZraiyYi70nTjrSU8OUtuwwqS/ 482 KB
49 KB 419ms
419ms Stylesheet
text/css 2a02:26f0:6c00:287::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/SLKwHz9NA4tKEtBEZraiyYi70nTjrSU8OUtuwwqS/widget.css?widget_version=2021-09-14_09-04-18

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/SLKwHz9NA4tKEtBEZraiyYi70nTjrSU8OUtuwwqS/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

39194933f95a1c6b5697f3e49cd4ba12ffe61857a8224e00d5e015c6e5976c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=187, origin; dur=218
vary: Accept-Encoding
content-length: 49756
x-xss-protection: 1; mode=block
x-request-id: d49689b208bd93e46cb5eb391c22aafb
x-runtime: 0.128422
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"356c5480c7b75820da5f7a0fbe4e4196"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 wp-cron.php Show response
www.fleuri.cc/blog/ Frame 1100 0
231 B 247ms
247ms XHR
text/html 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-cron.php
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
:path: /blog/wp-cron.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.fleuri.cc/blog/voicecount
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jSvG4FzHkpCcQqpWOKEGQaEgWqc1r-HQBxina-Gv_F12ZSV_pzrZKQ==
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v24/ Frame 1100 13 KB
14 KB 63ms
17ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v24/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fleuri.cc
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 04:28:43 GMT
x-content-type-options: nosniff
age: 486897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 18:33:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:28:43 GMT

POST
H2 200 admin-ajax.php Show response
www.fleuri.cc/blog/wp-admin/ Frame 1100 2 B
506 B 837ms
837ms XHR
application/json 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fleuri.cc/blog/wp-admin/admin-ajax.php

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.fleuri.cc
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
content-length: 10
:path: /blog/wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/voicecount
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.fleuri.cc/blog/voicecount
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-cached: Sat, 18 Sep 2021 19:43:40 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.fleuri.cc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
x-amz-cf-id: CPW0WRIUSQd_9cu1HQRDhYrTTHTDeCottUNZ0fFGm_VnrZimac9dMw==
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 1100 342 KB
134 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fleuri.cc/
Origin: https://www.fleuri.cc
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 18 Sep 2022 19:31:55 GMT

GET
H2 200 wp-cron.php Show response
www.fleuri.cc/blog/ Frame C330 0
230 B 250ms
250ms XHR
text/html 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleuri.cc/blog/wp-cron.php
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
:path: /blog/wp-cron.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.fleuri.cc/blog/skincarecount
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: WLF26PyOADn1DDtFyH1i17yOPIoqxNpZHtzJMLWDeooggKgKV0nmow==
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8

POST
H2 200 admin-ajax.php Show response
www.fleuri.cc/blog/wp-admin/ Frame C330 2 B
507 B 1140ms
1140ms XHR
application/json 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fleuri.cc/blog/wp-admin/admin-ajax.php

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.fleuri.cc
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
content-length: 10
:path: /blog/wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/skincarecount
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.fleuri.cc/blog/skincarecount
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 18 Sep 2021 19:43:41 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-cached: Sat, 18 Sep 2021 19:43:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.fleuri.cc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
x-amz-cf-id: NRAJ3Xc6BWmGvccDIDx8ZGua_JJZNy8a8qZwpWVn9i2CWxv1xMVpYw==
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame C330 342 KB
134 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fleuri.cc/
Origin: https://www.fleuri.cc
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 18 Sep 2022 19:31:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/SLKwHz9NA4tKEtBEZraiyYi70nTjrSU8OUtuwwqS/widget.css?widget_version=2021-09-14_09-04-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:58:34 GMT
server: ESF
date: Sat, 18 Sep 2021 19:43:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Sep 2021 19:43:40 GMT

GET
H2 200 newsfortop
www.fleuri.cc/blog/ Frame 8291 8 KB
8 KB 750ms
749ms Image
text/html 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/blog/newsfortop
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /blog/newsfortop
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:41 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.fleuri.cc/blog/wp-json/>; rel="https://api.w.org/" <https://www.fleuri.cc/blog/?p=3579>; rel=shortlink
x-amz-cf-id: YDEm9n3DRQnJWyAZAWk7n_G87PqTtmkRP88qP0tNem8bGl6AJyZzfA==
x-cached: Sat, 18 Sep 2021 19:43:41 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 bar.jpg
www.fleuri.cc/common/default/img/common/ Frame 8291 322 B
624 B 257ms
256ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/common/default/img/common/bar.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b591302cc031f28264cf8a95cdbd10640c0428f67caec621143ea83708492c6

Request headers

:path: /common/default/img/common/bar.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2019 02:45:50 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5cb541de-142"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 322
x-amz-cf-id: PINQGtLeuB9YluhGw5eyWPh_yL0kqpLZqyirqEtnTMZSf5_x5yUL_g==

GET
H2 200 thumb.jpg
www.fleuri.cc/common/default/img/common/ Frame 8291 323 B
624 B 257ms
257ms Image
image/jpeg 2600:9000:21f3:a200:2:89de:a580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fleuri.cc/common/default/img/common/thumb.jpg
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/blog/newsfortop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:2:89de:a580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 77906845d00f7a90f9d73be185f477335936d6921e29ed75f281098bfad1d69e

Request headers

:path: /common/default/img/common/thumb.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D; fleuri_ec_system_session=eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D; optimizelyEndUserId=oeu1631994218501r0.12540622793527412; __utma=38422900.749108967.1631994219.1631994219.1631994219.1; __utmc=38422900; __utmz=38422900.1631994219.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=38422900.1.10.1631994219; _gcl_au=1.1.436641229.1631994219; snexid=d8d96105-d3b7-4c44-b29d-20c4e5d132df; _ga=GA1.2.749108967.1631994219; _gid=GA1.2.551631447.1631994219; _gat_gtag_UA_131374070_1=1; __lt__cid=d53dc435-95b4-4006-ad99-1974e9ef3f18; __lt__sid=8ce396fd-a4bedafe
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.fleuri.cc
referer: https://www.fleuri.cc/blog/newsfortop
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/blog/newsfortop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2019 02:45:50 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5cb541de-143"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 323
x-amz-cf-id: DZ0Iz-6oJqUXEJ8gok3qR4WwOb2tzy6znOx17xRD3pg1z8k0d9haUQ==

GET
H2 200 iframe Show response
um.ladsp.com/match/ Frame 2C96 3 KB
3 KB 741ms
695ms Document
text/html 13.225.78.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-43.fra2.r.cloudfront.net
Software: Logicad /
Resource Hash: b25740aa42daab2f38d77b54c62c9120f49fcf251c23bb14a4be816a8b07a3e2

Request headers

:method: GET
:authority: um.ladsp.com
:scheme: https
:path: /match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fleuri.cc/
accept-encoding: gzip, deflate, br
cookie: cr=1; smn_uid=LORAt4tsrdGg2qySABXbuQ1rKVguQUM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/

Response headers

content-type: text/html;charset=utf-8
date: Sat, 18 Sep 2021 19:43:41 GMT
expires: -1
cache-control: private, no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
set-cookie: lum=CJumvtO_LxIFCAEQqAESBQgZEMABEgQIDRB4EgIIDhIFCAMQ8AESAggLEgIIDxICCBASAggREgIIExICCBQSAggbEgIIHhICCCASAggiEgIIIxIFCAoQkA0; Domain=.ladsp.com; Expires=Mon, 18-Sep-2023 19:43:41 GMT; Path=/; SameSite=None; Secure
server: Logicad
x-cache: Miss from cloudfront
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: NlP4WFXHN2q2bzGBymcXOV5yfxoIsIdYf3bob8F-bgeZoR0gewRG6w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/836395496/ 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/836395496/?random=1631994220718&cv=9&fst=1631994219680&num=4&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0b1d774b1bafd828638c5fa0e638f405282386662164fccbfdf53df9ad3f970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/835668599/ 2 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/835668599/?random=1631994220719&cv=9&fst=1631994219680&num=5&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db5c038350c53501891921b75c6aad9b2c1efd8c1e65d4984910263257907ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 69ms
17ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-NW
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-served-by: cache-iad-kcgs7200165-IAD, cache-hhn11547-HHN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820752598/ 2 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820752598/?random=1631994220721&cv=9&fst=1631994219680&num=6&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c51051854c251e025cc958ffe33869f98cf5b70036afa018f0951b3df1324c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820752598/ 2 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820752598/?random=1631994220722&cv=9&fst=1631994219680&num=7&label=zzEcCM6X9n4Q1uGuhwM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec8f380d6009346ae3a8c391f23306666ec292521efa248a3485965008e3a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/836395496/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/836395496/?random=1631994220718&cv=9&fst=1631991600000&num=4&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=1173364626&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/836395496/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/836395496/?random=1631994220718&cv=9&fst=1631991600000&num=4&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=1173364626&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/820752598/ 42 B
108 B 30ms
30ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820752598/?random=1631994220722&cv=9&fst=1631991600000&num=7&label=zzEcCM6X9n4Q1uGuhwM&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=2009385237&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/820752598/ 42 B
108 B 35ms
35ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820752598/?random=1631994220722&cv=9&fst=1631991600000&num=7&label=zzEcCM6X9n4Q1uGuhwM&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=2009385237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/820752598/ 42 B
108 B 45ms
44ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820752598/?random=1631994220721&cv=9&fst=1631991600000&num=6&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=1775035344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/820752598/ 42 B
108 B 33ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820752598/?random=1631994220721&cv=9&fst=1631991600000&num=6&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=1775035344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/835668599/ 42 B
108 B 43ms
42ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/835668599/?random=1631994220719&cv=9&fst=1631991600000&num=5&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=3993797001&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/835668599/ 42 B
108 B 35ms
35ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/835668599/?random=1631994220719&cv=9&fst=1631991600000&num=5&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fleuri.cc%2F&tiba=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&fmt=3&is_vtc=1&random=3993797001&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 161ms
123ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nyefl&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.fleuri.cc%2F

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 18 Sep 2021 19:43:40 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8739a85f95a1963bf5f6a606118e5aae7deb31e197464b7303235ec3454d9ade
x-transaction: 1b4b4a7e40f4c380
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 cmt.js Show response
taj1.ebis.ne.jp/GE5GSneF/ 21 KB
8 KB 365ms
246ms Script
application/javascript 2600:9000:20eb:be00:1e:513c:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taj1.ebis.ne.jp/GE5GSneF/cmt.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:1e:513c:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f3c9d73e039ec7c96a5798704b93076425d722e86371663388d70cdb053cdcaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:41 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 00:14:30 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
etag: W/"5365-5c71e5ad2ad98"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control: no-store, s-maxage=60, public
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XJIN27nuEGesOu7CqhBDsYxVY4xBhrtdfhdoPgyuVcA3dCNpBhg5Gw==

GET
H2 200 / Show response
b92.yahoo.co.jp/search/ 0
651 B 274ms
274ms Script
text/javascript 183.79.249.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b92.yahoo.co.jp/search/?p=KZHZ6E4FYW&label=&ref=https%3A%2F%2Fwww.fleuri.cc%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1631994221.1692514&pvid=ktnucbbrmqktq7808h&tsyjad=0

Requested by

Host: b92.yahoo.co.jp
URL: https://b92.yahoo.co.jp/js/s_retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ATS
age: 0
x-frame-options: SAMEORIGIN
p3p: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
cache-control: private, no-cache, no-store, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1;mode=block
expires: -1

GET
H/1.1 200
OK segmentation.js Show response
js.fout.jp/ 12 KB
3 KB 115ms
20ms Script
application/javascript 104.111.229.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.fout.jp/segmentation.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-110.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4e29dccc38bedcab3b6283f6e298d44b37917931ef56da1a633ba7b0c365b536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 05:06:55 GMT
Server: nginx
ETag: "607fb2ef-2f1e"
Vary: Accept-Encoding
P3P: CP="ADM NOI OUR"
Cache-Control: max-age=183
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2651
Expires: Sat, 18 Sep 2021 19:46:44 GMT

GET
H2 200 / Show response
b92.yahoo.co.jp/search/ 0
444 B 276ms
276ms Script
text/javascript 183.79.249.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b92.yahoo.co.jp/search/?p=LU5VKVBMSV&label=&ref=https%3A%2F%2Fwww.fleuri.cc%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1631994221.5835218&pvid=ktnucbbrmqktq7808h&tsyjad=1631994221

Requested by

Host: b92.yahoo.co.jp
URL: https://b92.yahoo.co.jp/js/s_retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ATS
age: 0
x-frame-options: SAMEORIGIN
p3p: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
cache-control: private, no-cache, no-store, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1;mode=block
expires: -1

GET
H2 200 / Show response
b92.yahoo.co.jp/search/ 0
444 B 275ms
275ms Script
text/javascript 183.79.249.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b92.yahoo.co.jp/search/?p=YYTSGBHA9A&label=&ref=https%3A%2F%2Fwww.fleuri.cc%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1631994221.053026&pvid=ktnucbbrmqktq7808h&tsyjad=1631994221

Requested by

Host: b92.yahoo.co.jp
URL: https://b92.yahoo.co.jp/js/s_retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ATS
age: 0
x-frame-options: SAMEORIGIN
p3p: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
cache-control: private, no-cache, no-store, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1;mode=block
expires: -1

GET
H/1.1 200
OK bl_track.cgi
d-track.send.microad.jp/ 0
411 B 769ms
256ms Image
text/plain 103.142.124.65
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d-track.send.microad.jp/bl_track.cgi?co_account_id=3082&group=&country_id=1&ver=&referrer=&cbt=c43f9d4bd60fd8017bfa6f9237

Requested by

Host: www.fleuri.cc
URL: https://www.fleuri.cc/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.124.65 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:41 GMT
Last-Modified: Mon, 05 Apr 2021 06:20:55 GMT
Server: Apache
ETag: "0"
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: no-store
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 tag.js Show response
s.yjtag.jp/ 37 KB
13 KB 80ms
13ms Script
application/javascript 2600:9000:20eb:b800:8:dcbf:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yjtag.jp/tag.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:b800:8:dcbf:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ea1d47e294e438851d775f2eca7352b4d03cf662e3ad9410f18bae663a380e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: pwVJ8CZ5CzxJk0oranYXZm0CJzsUHSFZ
content-encoding: gzip
etag: W/"830cee037cbd2937feb368104dc9a35f"
age: 2829
x-cache: Hit from cloudfront
p3p: CP=NOI DSP COR NID
cross-origin-resource-policy: cross-origin
last-modified: Mon, 09 Nov 2020 01:50:12 GMT
server: AmazonS3
date: Sat, 18 Sep 2021 18:56:33 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: SfbBDsmjTsriPbHEjPKxJ_1TeO419SmSS-OFArRosJ_fYHOLKbxtIw==

GET
H2 200 b264907a652f9.js Show response
t.contentsquare.net/uxa/ 295 KB
62 KB 51ms
12ms Script
application/javascript 13.224.193.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/b264907a652f9.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdd1994b42330965df2b953b390f47c49084f1200064c40c5d87112c5256327e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Sep 2021 10:24:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 09:34:34 GMT
server: AmazonS3
age: 33545
etag: "fdcae6641832237b5b1d795db5d38e2a"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 63287
x-amz-cf-id: aS72yXtu8_-PkgjloVg3vEms9l2DNR8IGZaoSt9Ja2pb2vZWMafgTQ==

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 37ms
9ms Image
image/gif 52.29.166.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&se_va=SLKwHz9NA4tKEtBEZraiyYi70nTjrSU8OUtuwwqS&cx=eyJwdl91dWlkIjo1NzQwODgzOTN9&dtm=1631994221115&tid=648774&vp=1600x1200&ds=1600x1395&vid=1&duid=23cc303094e8acdd&p=web&tv=js-0.13.2&fp=2662658703&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.fleuri.cc%2F
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.166.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-166-16.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:41 GMT
Cache-Control: max-age=86400, private
Expires: Sun, 19 Sep 2021 19:43:41 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
660 B 194ms
123ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nyefl&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.fleuri.cc%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 18 Sep 2021 19:43:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 06b98a7b521e034d89970d138f32b55df47c578dded4fa10f5b326ff01151bba
x-transaction: 10ad64fb3754aea3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 111ms
31ms Image
text/plain 34.241.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=4863&uu=34775fe5-6679-a2c7-cda1-5235d07625a9&sn=1&lv=1631994221&lhd=1631994221&hd=1631994221&pn=1&dw=1600&dh=1395&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.fleuri.cc%2F&uc=1&la=en-US&v=11.0.0&r=128163
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:41 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 326609c8-4b66-4240-b385-4c5565af0ff2
https://www.fleuri.cc/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fleuri.cc/326609c8-4b66-4240-b385-4c5565af0ff2
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 449446966fc86f9b41fb0a26c27f12253c97e2f57f99804289868c252937fc3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 6435
Content-Type: application/javascript

GET
H/1.1 200
OK cnt
cnt.fout.jp/24885/ 43 B
482 B 721ms
235ms Image
image/gif 202.232.238.39
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnt.fout.jp/24885/cnt?id=24885&url=https%3A%2F%2Fwww.fleuri.cc%2F&rurl=&siteid=&segid=&price=&dat=&params=&encoding=&event=&item=&category=&keywords=&brand=&cv_price=&bc=1&cachebuster=468982728555
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 202.232.238.39 Chiyoda-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:41 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Content-Type: image/gif

GET
H/1.1 200 tag Show response
yjtag.yahoo.co.jp/ 2 KB
1 KB 1438ms
288ms Script
text/javascript 183.79.171.252
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://yjtag.yahoo.co.jp/tag?site=ckrUOJm&referrer=https%3A%2F%2Fwww.fleuri.cc%2F&H=-1cwlqlv

Requested by

Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.79.171.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

proxy151.ytm.vip.kks.ynwp.yahoo.co.jp

Software

Resource Hash

378b53445d34acb2e058f3a0c7675b32a27cfe824d75ff80c648ac827ecd7825

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
ETag: b1602b351e493426576a10df65fb5a70
vary: accept-encoding
P3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript
X-BT-RequestId: ba9a3480-18b8-11ec-afcc-0000ac1c49e1

GET
H/1.1 200
OK rec.php Show response
ac.ebis.ne.jp/ 37 B
507 B 1138ms
320ms Script
application/javascript 210.188.196.193
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.ebis.ne.jp/rec.php?ebisV=6.5&argument=GE5GSneF&referrer=&pagetitle=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&pageurl=https%3A%2F%2Fwww.fleuri.cc%2F&ebisUA=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&lstd=&td=&ebisAccessTypes=pv&ebisRand=1631994221398.0&pids=&js=cb
Requested by: Host: taj1.ebis.ne.jp
URL: https://taj1.ebis.ne.jp/GE5GSneF/cmt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.188.196.193 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: ac.ebis.ne.jp
Software: Apache /
Resource Hash: 428ec634869934c0872307ae89c3351e118925fbddca9d1d588a34b087292a9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:42 GMT
X-Ebis-Measured-Access-Types: pv
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI OUR PSA IND DSP COR ADM DEV UNI COM NAV INT STA"
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Type: application/javascript; charset=UTF-8
Content-Length: 37

GET
H2

200

google
px.ladsp.com/match/ Frame 2C96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AbYhy7extzbCks8ADWspWC5BQ8A&logicad_uid=AbYhy7extzbCks8ADWspWC5BQ8A&svid=02
https://px.ladsp.com/match/google?logicad_uid=AbYhy7extzbCks8ADWspWC5BQ8A&svid=02&google_gid=CAESEIuVbUm9wSGP2HPgew3HjXo&google_cver=1

43 B
376 B

235ms
235ms

Image
image/gif

3.115.55.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ladsp.com/match/google?logicad_uid=AbYhy7extzbCks8ADWspWC5BQ8A&svid=02&google_gid=CAESEIuVbUm9wSGP2HPgew3HjXo&google_cver=1
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.55.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-55-52.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:41 GMT
server: Logicad
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: private, no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://px.ladsp.com/match/google?logicad_uid=AbYhy7extzbCks8ADWspWC5BQ8A&svid=02&google_gid=CAESEIuVbUm9wSGP2HPgew3HjXo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 2C96
Redirect Chain

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA

43 B
180 B

23ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:41 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
date: Sat, 18 Sep 2021 19:43:41 GMT
via: 1.1 google
server: OXGW/16.216.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 2C96 42 B
537 B 341ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:502
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 2C96
Redirect Chain

https://ib.adnxs.com/setuid?entity=276&code=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAd7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA

43 B
1 KB

16ms
16ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAd7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:41 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f3759e52-5039-4d96-857f-64feb41bb6f3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:41 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d0dfc7b0-2394-4738-b92c-b51debb50230
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAd7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hs
s-cs.send.microad.jp/ Frame 2C96 43 B
399 B 863ms
254ms Image
image/gif 202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=logicad_2&id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TKQ

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 /
sync.ad-stir.com/ Frame 2C96 35 B
101 B 1022ms
233ms Image
image/gif 18.179.248.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=LOGICAD&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.248.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-248-149.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
content-length: 35
content-type: image/gif

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 2C96
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA

43 B
345 B

12ms
12ms

Image
image/gif

52.59.115.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
date: Sat, 18 Sep 2021 19:43:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 2C96 0
239 B 94ms
16ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=143202&nid=4016&expires=30&put=AR5EvDeh2eNpks8ADWspWC5BQxA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H/1.1 200
OK sync
ssl.socdm.com/rtb/ Frame 2C96 43 B
694 B 827ms
259ms Image
image/gif 202.241.208.56
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.socdm.com/rtb/sync?proto=adgen&dspid=12
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.56 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-SO-Cluster-ID: 14
Date: Sat, 18 Sep 2021 19:43:42 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?dspid=12&proto=adgen","cluster_id":14,"gdpr":true,"ipv4":"0.0.0.0","key":"YUZBbsCo5s8AAD24FeMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40180"}
X-SO-Ads-Time: 3
X-SO-Key: YUZBbsCo5s8AAD24FeMAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40180
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: a-ad40180.dc2p.scaleout.jp
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: a-tgng40011.dc2p.scaleout.jp
X-SO-IP: 194.36.108.22

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55978/ Frame 2C96
Redirect Chain

https://pixel.advertising.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw
https://pixel.advertising.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&verify=true
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&apid=UPba02d6d0-18b8-11ec-b781-02182bf14dcc
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&apid=UPba02d6d0-18b8-11ec-b781-02182bf14dcc&verify=true

0
1 KB

16ms
16ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&apid=UPba02d6d0-18b8-11ec-b781-02182bf14dcc&verify=true

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:41 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sat, 18 Sep 2021 19:43:41 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TLw&apid=UPba02d6d0-18b8-11ec-b781-02182bf14dcc&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
cs.adingo.jp/sync/ Frame 2C96 0
44 B 730ms
233ms Image
text/plain 52.198.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=logicad&id=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TMA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.4.47 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-4-47.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:42 GMT
server: awselb/2.0

GET
H2 204 /
sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/ Frame 2C96 0
222 B 112ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/?taboola_hm=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TNQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:41 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7806

GET
H/1.1 200
OK cookiesync
ad.caprofitx.adtdp.com/v1/ Frame 2C96 35 B
601 B 1037ms
234ms Image
image/gif 54.168.155.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.caprofitx.adtdp.com/v1/cookiesync?logicad_uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TNw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.155.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-155-233.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:42 GMT
X-Trace-Token: a29c6c5ccbec-73760321
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 2C96
Redirect Chain

https://sync.outbrain.com/cookie-sync?p=logicad&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TOg
https://sync.outbrain.com/cookie-sync?p=logicad&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TOg&rdrctExp=true

0
473 B

103ms
103ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=logicad&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TOg&rdrctExp=true
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:42 GMT
Cache-Control: no-cache
X-TraceId: 88e9fc563a4973e4771a4c43fb0c9e04
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=logicad&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TOg&rdrctExp=true
Date: Sat, 18 Sep 2021 19:43:42 GMT
X-TraceId: 7a9f125ab068e8b2c2d3fae754e5012c
Content-Length: 0

GET
H2 403 sync.ad
sp.gmossp-sp.jp/ads/ Frame 2C96 0
0 1828ms
252ms Image
text/html 150.95.47.200
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.95.47.200 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v150-95-47-200.a00c.g.jpt1.static.cnode.io
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1 200 cs
discoveryplus.popin.cc/popin_discovery/ Frame 2C96 35 B
469 B 816ms
265ms Image
image/gif 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryplus.popin.cc/popin_discovery/cs?pid=logicad&puid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:42 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2C96
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPw
https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPw&__user_check__=1&sync_id=badae91d-18b8-11ec-8cbe-1fe3cd8f0206

43 B
549 B

25ms
25ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPw&__user_check__=1&sync_id=badae91d-18b8-11ec-8cbe-1fe3cd8f0206
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_30_32_34_35&ts=1631994220594&svid=52
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 124
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 18 Sep 2021 19:43:42 GMT
Server: nginx
Location: /partner?adv_id=8750&img=1&uid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPw&__user_check__=1&sync_id=badae91d-18b8-11ec-8cbe-1fe3cd8f0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 23
Connection: keep-alive
Content-Length: 0

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 446ms
104ms Preflight
text/plain 3.227.66.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.227.66.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-66-247.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.fleuri.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.fleuri.cc
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Sat, 18 Sep 2021 19:43:43 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 106ms
106ms XHR
text/plain 3.227.66.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/10345300125.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.66.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-66-247.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fleuri.cc/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.fleuri.cc
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Sat, 18 Sep 2021 19:43:44 GMT
Content-Type: text/plain

GET
H/1.1 200
OK beacon.html Show response
js.fout.jp/ Frame 1C08 10 KB
4 KB 19ms
19ms Document
text/html 104.111.229.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.fout.jp/beacon.html?from=dmp
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/segmentation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-110.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3c3bad27b191b97bd1fc018344b37b72b7c21c7b36014279b460acf154958ea5

Request headers

Host: js.fout.jp
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.fleuri.cc/
Accept-Encoding: gzip, deflate, br
Cookie: uid=1ive7gfsDFK7iPc8H-zoQ3BS7H0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/

Response headers

Server: nginx
Content-Type: text/html
Last-Modified: Wed, 04 Aug 2021 06:57:59 GMT
ETag: "610a3a77-291a"
P3P: CP="ADM NOI OUR"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=564
Expires: Sat, 18 Sep 2021 19:53:07 GMT
Date: Sat, 18 Sep 2021 19:43:43 GMT
Content-Length: 3285
Connection: keep-alive

GET
H/1.1 200
OK segmentation.js Show response
js.fout.jp/ 12 KB
3 KB 38ms
19ms Script
application/javascript 104.111.229.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.fout.jp/segmentation.js
Requested by: Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-110.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4e29dccc38bedcab3b6283f6e298d44b37917931ef56da1a633ba7b0c365b536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 05:06:55 GMT
Server: nginx
ETag: "607fb2ef-2f1e"
Vary: Accept-Encoding
P3P: CP="ADM NOI OUR"
Cache-Control: max-age=181
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2651
Expires: Sat, 18 Sep 2021 19:46:44 GMT

GET
H/1.1 200
OK seg Show response
secure.adnxs.com/ 0
1 KB 45ms
14ms Script
application/javascript 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=3476285&t=1

Requested by

Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:43 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 45a8e241-71e3-428c-985f-a63048977197
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK itm.js Show response
dmp.im-apps.net/js/8021/0001/ 2 KB
1 KB 1188ms
1113ms Script
application/javascript 2a02:26f0:6c00::210:bb9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/js/8021/0001/itm.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a551014fb4d41e194ffe8b8b315d375199e01c01213395ea7f9eb3dfdbe52733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
x-amz-version-id: oadCCA5dGq7tdTa9nQIpwpjC6TRRiP92
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2015 15:23:04 GMT
ETag: "be38d5e48a8cb8465607048c1d44aa69"
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=0, no-cache
Date: Sat, 18 Sep 2021 19:43:44 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 779
Expires: Sat, 18 Sep 2021 19:43:44 GMT

GET nexRt.js
st.nex8.net/js/ 0
0

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 70ms
42ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=4887640&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:43 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: abba2210-26b0-4b56-9584-b8865a512ef0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sd
jp-u.openx.net/w/1.0/ Frame 1C08 43 B
106 B 18ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072523&val=1ive7gfsDFK7iPc8H-zoQ3BS7H0
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:43 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync
sync.fout.jp/ Frame 1C08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_cm&google_sc&from_google=2
https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=2&google_gid=CAESEIxd6OU-e4tPpFwaRA5kMqo&google_cver=1

43 B
527 B

770ms
234ms

Image
image/gif

202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=2&google_gid=CAESEIxd6OU-e4tPpFwaRA5kMqo&google_cver=1

Requested by

Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.232.238.37 Chiyoda-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:44 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15768000
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=2&google_gid=CAESEIxd6OU-e4tPpFwaRA5kMqo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

report
sync.fout.jp/ Frame 1C08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=freakout&from_google=3&google_hm=MWl2ZTdnZnNERks3aVBjOEgtem9RM0JTN0gw
https://sync.fout.jp/report?xid=googleadex&from_google=3

43 B
285 B

771ms
234ms

Image
image/gif

202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.fout.jp/report?xid=googleadex&from_google=3
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 202.232.238.37 Chiyoda-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.fout.jp/report?xid=googleadex&from_google=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 1C08 43 B
1 KB 26ms
15ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=125&code=1ive7gfsDFK7iPc8H-zoQ3BS7H0

Requested by

Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:43 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d0d561e4-41cb-4595-90d9-27ecad8c70a1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1C08 0
239 B 11ms
11ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=59910&nid=3504&put=1ive7gfsDFK7iPc8H-zoQ3BS7H0
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H/1.1

200
OK

sync
sync.fout.jp/ Frame 1C08
Redirect Chain

https://ssp-sync.i-mobile.co.jp/sync.ashx?dspid=5
https://sync.fout.jp/sync?xid=imobile&uid=bbff8bd6-c05f-4ecf-a83a-437f82a69e7a&sync_status=1

43 B
527 B

237ms
237ms

Image
image/gif

202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=imobile&uid=bbff8bd6-c05f-4ecf-a83a-437f82a69e7a&sync_status=1

Requested by

Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.232.238.37 Chiyoda-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:44 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15768000
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

Redirect headers

Date: Sat, 18 Sep 2021 19:42:58 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Location: https://sync.fout.jp/sync?xid=imobile&uid=bbff8bd6-c05f-4ecf-a83a-437f82a69e7a&sync_status=1
Cache-Control: private
Connection: keep-alive
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1C08 42 B
374 B 19ms
18ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwOTcmdGw9NDMyMDA=&piggybackCookie=1ive7gfsDFK7iPc8H-zoQ3BS7H0
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:375
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 set
sync.im-apps.net/imid/ Frame 1C08 43 B
594 B 755ms
238ms Image
image/gif 52.196.86.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=3947&tid=foid&uid=1ive7gfsDFK7iPc8H-zoQ3BS7H0
Requested by: Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.86.216 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-86-216.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.fout.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:44 GMT
server: nginx
x-im-imid-created: 1631994224
p3p: CP="NOI PSD OTR"
x-im-imid: PK1YeUwURUKK8bcPUKjnhQ
cache-control: no-cache
content-type: image/gif
expires: Sat, 18 Sep 2021 19:43:43 GMT

GET
H/1.1 200
OK cnt
cnt.fout.jp/7508/ 43 B
350 B 234ms
233ms Image
image/gif 202.232.238.39
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnt.fout.jp/7508/cnt?id=7508&url=https%3A%2F%2Fwww.fleuri.cc%2F&rurl=&siteid=&segid=&price=&dat=&params=&encoding=&event=&item=&category=&keywords=&brand=&cv_price=&bc=1&cachebuster=5836351599514
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 202.232.238.39 Chiyoda-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:43 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Content-Type: image/gif

GET
H/1.1 200
OK audience Show response
cnt.fout.jp/segapi/ 72 B
451 B 233ms
233ms Script
application/javascript 202.232.238.39
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.fout.jp/segapi/audience?callback=_itm_.sa_cb&cvid=mHDmdffSCFxfWgmjsQ
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8021/0001/itm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 202.232.238.39 Chiyoda-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: a2e5c539aa68f8972297f85cdde31f1446c3d0e1d71b84d3bab989374415aaba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Sep 2021 19:43:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
36 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRW49G&l=itm_dl1

Requested by

Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8021/0001/itm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

717c57e80c01df29eaff2d6cf5e113787d142fd18a9d017f70b9e41c64898921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36584
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Sep 2021 19:43:45 GMT

GET
H/1.1 200
OK beacon.html Show response
cf.im-apps.net/imid/ Frame F847 3 KB
2 KB 46ms
8ms Document
text/html 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.im-apps.net/imid/beacon.html
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ff1240803131ac2e8cee5062729919a4f38f7eec1e403919ed9daebfb2f33f35

Request headers

Host: cf.im-apps.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.fleuri.cc/
Accept-Encoding: gzip, deflate, br
Cookie: imid_secure=PK1YeUwURUKK8bcPUKjnhQ; imid_created_secure=1631994224
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/

Response headers

x-amz-replication-status: PENDING
Last-Modified: Fri, 09 Jul 2021 11:59:56 GMT
ETag: "c5459e128683fe95c4c83e22ab5cd1ee"
Accept-Ranges: bytes
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
Expires: Sun, 19 Sep 2021 19:43:45 GMT
Date: Sat, 18 Sep 2021 19:43:45 GMT
Content-Length: 1693
Connection: keep-alive
P3P: CP="NOI PSD OTR"

GET
H/1.1 200
OK tdim-1.1.0.min.js Show response
cf.im-apps.net/sdk/ 7 KB
3 KB 47ms
9ms Script
application/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.im-apps.net/sdk/tdim-1.1.0.min.js
Requested by: Host: www.fleuri.cc
URL: https://www.fleuri.cc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 84e2f272052d386779f00694399d4dcbbad2def9c0e1f56e7ab16d133c2cef57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:43:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 09:39:26 GMT
ETag: "e040eeb7304bf1ef26817cabe817bc07"
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=604800
x-amz-replication-status: PENDING
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2847
Expires: Sat, 25 Sep 2021 19:43:45 GMT

GET
H2 200 set
sync.im-apps.net/imid/ Frame F847 43 B
593 B 236ms
235ms Image
image/gif 52.196.86.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?no_sync=1
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.86.216 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-86-216.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
server: nginx
x-im-imid-created: 1631994224
p3p: CP="NOI PSD OTR"
x-im-imid: PK1YeUwURUKK8bcPUKjnhQ
cache-control: no-cache
content-type: image/gif
expires: Sat, 18 Sep 2021 19:43:44 GMT

GET
H2 200 segment Show response
sync.im-apps.net/imid/ 183 B
751 B 239ms
239ms Script
application/javascript 52.196.86.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.im-apps.net/imid/segment?token=VXoW9wEaCAYxiIkb8Mzm7Q&callback=TDIM.callback.tij16319942251586501.im_callback&need_created=True
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/sdk/tdim-1.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.86.216 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-86-216.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac2dcfa8a8d7a3e0e50a4747d78da3fd9f485d6e3ac72acbb5470a5165c54308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
content-encoding: gzip
server: nginx
x-im-imid-created: 1631994224
p3p: CP="NOI PSD OTR"
x-im-imid: PK1YeUwURUKK8bcPUKjnhQ
cache-control: no-cache
content-type: application/javascript
expires: Sat, 18 Sep 2021 19:43:44 GMT

GET
H2

200

set
sync.im-apps.net/imid/ Frame F847
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEXBMGFU9SkD1ns1VUOWfpM&google_cver=1

43 B
593 B

239ms
239ms

Image
image/gif

52.196.86.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEXBMGFU9SkD1ns1VUOWfpM&google_cver=1
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.86.216 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-86-216.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
server: nginx
x-im-imid-created: 1631994224
p3p: CP="NOI PSD OTR"
x-im-imid: PK1YeUwURUKK8bcPUKjnhQ
cache-control: no-cache
content-type: image/gif
expires: Sat, 18 Sep 2021 19:43:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEXBMGFU9SkD1ns1VUOWfpM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

cs
yjtag.yahoo.co.jp/ Frame F847
Redirect Chain

https://yjtag.yahoo.co.jp/csx?tp=wAiXPd0
https://sync.im-apps.net/imid/redirect?gdpr=1&cid=8144&tid=yid&uidpfx=%26uid%3D&url=https%3A%2F%2Fyjtag.yahoo.co.jp%2Fcs%3Fbtt%3DnvOSftuxV7SlVF-uJjaFQ40Cz94XS5n-l8_GkT9Cq9U%26tp%3DwAiXPd0
https://yjtag.yahoo.co.jp/cs?btt=nvOSftuxV7SlVF-uJjaFQ40Cz94XS5n-l8_GkT9Cq9U&tp=wAiXPd0&uid=PK1YeUwURUKK8bcPUKjnhQ&gdpr=1

35 B
936 B

290ms
289ms

Image
image/gif

183.79.171.252
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yjtag.yahoo.co.jp/cs?btt=nvOSftuxV7SlVF-uJjaFQ40Cz94XS5n-l8_GkT9Cq9U&tp=wAiXPd0&uid=PK1YeUwURUKK8bcPUKjnhQ&gdpr=1

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.79.171.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

proxy151.ytm.vip.kks.ynwp.yahoo.co.jp

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
X-BT-RequestId: bcb684d0-18b8-11ec-b43b-0000ac1c4536
X-Content-Type-Options: nosniff
Age: 0
Date: Sat, 18 Sep 2021 19:43:46 GMT
P3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

x-im-imid: PK1YeUwURUKK8bcPUKjnhQ
date: Sat, 18 Sep 2021 19:43:45 GMT
server: nginx
x-im-imid-created: 1631994224
p3p: CP="NOI PSD OTR"
location: https://yjtag.yahoo.co.jp/cs?btt=nvOSftuxV7SlVF-uJjaFQ40Cz94XS5n-l8_GkT9Cq9U&tp=wAiXPd0&uid=PK1YeUwURUKK8bcPUKjnhQ&gdpr=1
cache-control: no-cache
expires: Sat, 18 Sep 2021 19:43:44 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame F847 43 B
183 B 130ms
129ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=980&p_user_id=PK1YeUwURUKK8bcPUKjnhQ

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 18 Sep 2021 19:43:45 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 06b98a7b521e034d89970d138f32b55df47c578dded4fa10f5b326ff01151bba
x-transaction: bb7160ad963693e0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F847
Redirect Chain

https://dpm.demdex.net/ibs:dpid=14701&dpuuid=PK1YeUwURUKK8bcPUKjnhQ
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=PK1YeUwURUKK8bcPUKjnhQ

42 B
945 B

33ms
33ms

Image
image/gif

52.19.186.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=PK1YeUwURUKK8bcPUKjnhQ

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.186.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-186-105.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-0afdabb57.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YaaPjUAoSxo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v016-018bef6e4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FHyAeznRT1U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=PK1YeUwURUKK8bcPUKjnhQ
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

set
sync.im-apps.net/imid/ Frame F847
Redirect Chain

https://gum.criteo.com/sync?c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40
https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=9QArFs3dQ-BBhOfWqmMD07s2-WaiEbtM

43 B
593 B

237ms
237ms

Image
image/gif

52.196.86.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=9QArFs3dQ-BBhOfWqmMD07s2-WaiEbtM
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.86.216 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-86-216.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
server: nginx
x-im-imid-created: 1631994224
p3p: CP="NOI PSD OTR"
x-im-imid: PK1YeUwURUKK8bcPUKjnhQ
cache-control: no-cache
content-type: image/gif
expires: Sat, 18 Sep 2021 19:43:44 GMT

Redirect headers

location: https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=9QArFs3dQ-BBhOfWqmMD07s2-WaiEbtM
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3963
date: Sat, 18 Sep 2021 19:43:44 GMT
content-length: 215
content-type: text/html; charset=utf-8

GET
H2

200

set
sync.im-apps.net/imid/ Frame F847
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=intmerger&ttd_tpi=1
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=2275a75f-828b-4bd7-9129-470b11b3e773

43 B
593 B

239ms
239ms

Image
image/gif

52.196.86.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=2275a75f-828b-4bd7-9129-470b11b3e773
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.86.216 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-86-216.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
server: nginx
x-im-imid-created: 1631994224
p3p: CP="NOI PSD OTR"
x-im-imid: PK1YeUwURUKK8bcPUKjnhQ
cache-control: no-cache
content-type: image/gif
expires: Sat, 18 Sep 2021 19:43:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Sep 2021 19:43:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=2275a75f-828b-4bd7-9129-470b11b3e773
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1 200
OK log.js Show response
dmp.im-apps.net/sdk/ 76 KB
25 KB 13ms
12ms Script
text/javascript 2a02:26f0:6c00::210:bb9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/log.js
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/sdk/tdim-1.1.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9a28c3eca899a1a148f094b5b48af9ff2f56de408318bacf407fa2e0518b182e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: WGrYCt.Rh2KlnzExx7UpQfX9p.bjb8Gx
Content-Encoding: gzip
Last-Modified: Sat, 18 Sep 2021 17:15:51 GMT
ETag: "e5b443a5372fa7edeb9fc74f3152d747"
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Cache-Control: public, max-age=10800
Date: Sat, 18 Sep 2021 19:43:45 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 24841

GET
H2 200 tracker
b.im-apps.net/ 43 B
208 B 286ms
250ms Image
image/gif 34.120.190.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.im-apps.net/tracker?action_name=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&idsite=8021&rec=1&cdptm=0&r=756248&h=19&m=43&s=45&url=https%3A%2F%2Fwww.fleuri.cc%2F&_id=13391fa556abc417&_idts=1631994225&_idvc=1&_idn=0&_refts=0&_viewts=1631994225&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&data=%7B%22custom_id%22%3A%22undefined%22%2C%22custom_type%22%3A%22undefined%22%2C%22custom_rank%22%3A%22undefined%22%2C%22custom_price%22%3A%22undefined%22%2C%22custom_data%22%3A%22undefined%22%7D&gt_ms=871&pv_id=UhqZ2l&__lang=en-us&__dpr=1&__seids=jQuMiP0aqZU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.190.172 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
b6.im-apps.net/ 43 B
208 B 315ms
252ms Image
image/gif 2600:1901:0:b6a9::

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b6.im-apps.net/collect?action_name=%E6%AF%9B%E7%A9%B4%E5%AF%BE%E7%AD%96%20%7C%20%E3%82%AF%E3%83%AC%E3%83%B3%E3%82%B8%E3%83%B3%E3%82%B0%E3%82%B8%E3%82%A7%E3%83%AB%20%7C%20%E3%83%95%E3%83%AB%E3%83%AA%E5%85%AC%E5%BC%8F%E3%82%B5%E3%82%A4%E3%83%88&idsite=8021&rec=1&cdptm=0&r=193594&h=19&m=43&s=45&url=https%3A%2F%2Fwww.fleuri.cc%2F&_id=13391fa556abc417&_idts=1631994225&_idvc=1&_idn=0&_refts=0&_viewts=1631994225&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&data=%7B%22custom_id%22%3A%22undefined%22%2C%22custom_type%22%3A%22undefined%22%2C%22custom_rank%22%3A%22undefined%22%2C%22custom_price%22%3A%22undefined%22%2C%22custom_data%22%3A%22undefined%22%7D&gt_ms=871&pv_id=d9Ytp9&__lang=en-us&__dpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:b6a9:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fleuri.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 19:43:45 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bytedance.com
URL: https://static.bytedance.com/pixel/sdk.js?sdkid=BH42AR4UF25D2PUU575G

Domain: st.nex8.net
URL: https://st.nex8.net/js/nexRt.js

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fleuri.cc/	1970-01-19 21:20:01	Name: XSRF-TOKEN Value: eyJpdiI6IlVDTm1FblV1ZEtrVXBrazh1QWVuOVE9PSIsInZhbHVlIjoiKzZuQU9cL1hkQ01HeHNMOHlqalpMa1wvOE9pM1lpdzdYcWJUK1NtSXhRUlhyd2N3UTQyWVNzdU54eVBIZzFcL3JDZCIsIm1hYyI6ImM0ZThhOWU3Y2Q1YTgzOGQxZTQ1ZDg2MDY0N2Q5ZmIxMGZlYjFlZWNlN2YwN2M4NTZjZWExMTYxOGEyNjNjYzMifQ%3D%3D
www.fleuri.cc/	1969-12-31 23:59:59	Name: fleuri_ec_system_session Value: eyJpdiI6IkRibVR3akZKUmtcL1JjcEk5d2JrZ3FRPT0iLCJ2YWx1ZSI6ImowcmFEc3dBMDJFMkhoWEtxdU10eVM4dDRhTWxObVAxRDdIWHg3VXNJSFVnTUxzRG1xUkl6YTdPSGs2UHRadGZUK2dnMVI5bDZDMUY3NkxpbTJSbFFkTGcySVZJZ0xsMStJQlRFUTFUb3NEZXZzRmd0RUJlR29cL2NcL3hNcG0zWFEiLCJtYWMiOiI4ZGQxNDg0MzExODEzOTliM2Y5ZTk2ZWMxNDk0ZGJkM2Q1NjgyYWRkZWU1MTVkNmYzOTBhNmIwYmU0NDYwMzZlIn0%3D
.fleuri.cc/	1970-01-20 01:39:06	Name: optimizelyEndUserId Value: oeu1631994218501r0.12540622793527412
.fleuri.cc/	1970-01-20 14:51:06	Name: __utma Value: 38422900.749108967.1631994219.1631994219.1631994219.1
.fleuri.cc/	1969-12-31 23:59:59	Name: __utmc Value: 38422900
.fleuri.cc/	1970-01-20 01:42:42	Name: __utmz Value: 38422900.1631994219.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.fleuri.cc/	1970-01-19 21:19:54	Name: __utmt Value: 1
.fleuri.cc/	1970-01-19 21:19:56	Name: __utmb Value: 38422900.1.10.1631994219
.fleuri.cc/	1970-01-19 23:29:30	Name: _gcl_au Value: 1.1.436641229.1631994219
www.fleuri.cc/	1970-01-20 14:51:06	Name: snexid Value: d8d96105-d3b7-4c44-b29d-20c4e5d132df
.fleuri.cc/	1970-01-20 14:51:06	Name: _ga Value: GA1.2.749108967.1631994219
.fleuri.cc/	1970-01-19 21:21:20	Name: _gid Value: GA1.2.551631447.1631994219
.fleuri.cc/	1970-01-19 21:19:54	Name: _gat_gtag_UA_131374070_1 Value: 1
.www.fleuri.cc/	1970-01-20 14:51:06	Name: __lt__cid Value: d53dc435-95b4-4006-ad99-1974e9ef3f18
.www.fleuri.cc/	1970-01-19 21:19:56	Name: __lt__sid Value: 8ce396fd-a4bedafe
.smartnews-ads.com/	1970-01-20 14:51:06	Name: g Value: f27fb2b8-c5cb-431b-870f-a532d7703f93
.line.me/	1970-01-20 14:51:06	Name: _ldbrbid Value: tr__k1y/XGFGQWux7/zFna9wAg==
.doubleclick.net/	1970-01-20 06:41:30	Name: IDE Value: AHWqTUltUX1QCRRm4lfZkCBNLN9tmSu0aZemxLw5b7zAQ9RD7TKfxLNnVlB6jdOL
.ladsp.com/	1970-01-19 21:19:57	Name: cr Value: 1
.ladsp.com/	1970-01-20 14:51:06	Name: smn_uid Value: LORAt4tsrdGg2qySABXbuQ1rKVguQUM
.fleuri.cc/	1970-01-20 14:51:06	Name: _ts_yjad Value: 1631994221106
www.fleuri.cc/	1970-01-20 14:51:06	Name: _sp_id.a6b8 Value: 23cc303094e8acdd.1631994221.1.1631994221.1631994221
www.fleuri.cc/	1970-01-19 21:19:56	Name: _sp_ses.a6b8 Value: *
.yotpo.com/	1970-01-20 06:05:30	Name: pixel Value: e5d71444-2c99-4bab-63c0-09b0364f8bf6
.fleuri.cc/	1970-01-20 06:49:18	Name: _cs_c Value: 1
.fleuri.cc/	1970-01-20 06:49:18	Name: _cs_id Value: 34775fe5-6679-a2c7-cda1-5235d07625a9.1631994221.1.1631994221.1631994221.1.1666158221218
.fleuri.cc/	1970-01-19 21:19:56	Name: _cs_s Value: 1.0.0.1631996021219
.twitter.com/	1970-01-20 14:51:06	Name: personalization_id Value: "v1_YbaSArGHp4ks44JZXj3B+Q=="
.yahoo.co.jp/	1970-01-20 06:05:30	Name: XA Value: aimjt9pgkcgbd&sd=B&t=1631994221&u=1631994221&v=1
.yahoo.co.jp/	1970-01-20 14:52:32	Name: XB Value: aimjt9pgkcgbd&b=3&s=qb
.ladsp.com/	1970-01-20 14:51:06	Name: lum Value: CJumvtO_LxIFCAEQqAESBQgZEMABEgQIDRB4EgIIDhIFCAMQ8AESAggLEgIIDxICCBASAggREgIIExICCBQSAggbEgIIHhICCCASAggiEgIIIxIFCAoQkA0
.bidswitch.net/	1970-01-20 06:05:30	Name: tuuid Value: 9409fa6b-081c-4bf6-a9fc-20fc4fd6db8e
.bidswitch.net/	1970-01-20 06:05:30	Name: c Value: 1631994221
.bidswitch.net/	1970-01-20 06:05:30	Name: tuuid_lu Value: 1631994221
.adnxs.com/	1970-01-19 23:29:30	Name: uuid2 Value: 8372084305680449413
.advertising.com/	1970-01-20 06:06:56	Name: APID Value: UPba02d6d0-18b8-11ec-b781-02182bf14dcc
.yahoo.com/	1970-01-20 06:05:51	Name: A3 Value: d=AQABBG1BRmECENPI6Usdg_OGBkNPt3_g4gMFEgEBAQGSR2FQYQAAAAAA_eMAAA&S=AQAAAonVd9Ku6fg6vRdwYP5KWs0
.analytics.yahoo.com/	1970-01-20 06:06:56	Name: IDSYNC Value: 176y~20h7
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPba02d6d0-18b8-11ec-b781-02182bf14dcc
.yahoo.com/	1970-01-19 21:21:20	Name: APIDTS Value: 1631994221
.openx.net/	1970-01-20 06:05:30	Name: i Value: 02546dc3-eae1-450b-b8dd-eb7b40238d7c\|1631994221
.taboola.com/	1970-01-20 06:05:30	Name: t_gid Value: b333ae94-3a73-4389-8e8a-4368ae987916-tuct83fc6ed
.pubmatic.com/	1970-01-19 22:03:06	Name: KRTBCOOKIE_629 Value: 11487-Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-THA
.pubmatic.com/	1970-01-19 23:29:30	Name: PUBMDCID Value: 3
.fout.jp/	1970-01-20 14:51:06	Name: uid Value: 1ive7gfsDFK7iPc8H-zoQ3BS7H0
sync.outbrain.com/	1970-01-19 21:20:54	Name: cookieJartestCookie Value: aaa
.outbrain.com/	1970-01-19 23:29:30	Name: obuid Value: 516cd96c-199d-4a03-8af7-0a2d34e9f8f3
.outbrain.com/	1970-01-19 22:03:06	Name: lgcad Value: Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TOg
.ebis.ne.jp/	1970-01-20 14:51:06	Name: TRACKING_DATA Value: 86dgwb1bb.1631994222
.fleuri.cc/	1970-01-20 14:51:06	Name: _ebtd Value: 1.86dgwb1bb.1631994222
.popin.cc/	1970-01-20 14:51:06	Name: piuid Value: 400bd38732ec4b188436673220643f30
.popin.cc/	1970-01-19 22:46:18	Name: p_logicad Value: Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPg
.adtdp.com/	1970-01-20 14:51:38	Name: pfxid Value: 5e9eef52-50e0-48b0-8a9f-118d8ba79d6b
.caprofitx.adtdp.com/	1970-01-20 14:51:38	Name: pfxids_logicad Value: eyJpZCI6IkFkN2dReUhFTzkzSWtzOEFEV3NwV0M1QlE4OEFBQUY3LW0tVE53IiwidXBkYXRlZEF0IjoiMjAyMS0wOS0xOFQxOTo0Mzo0Mi42MDhaIn0
.spotxchange.com/	1970-01-20 06:05:34	Name: audience Value: badae8d1-18b8-11ec-8cbe-1fe3cd8f0206
.fout.jp/	1970-01-20 06:05:30	Name: lastW_mapping Value: 1631994223
.pubmatic.com/	1970-01-19 22:03:06	Name: KRTBCOOKIE_669 Value: 13218-1ive7gfsDFK7iPc8H-zoQ3BS7H0
.pubmatic.com/	1970-01-19 22:03:06	Name: PugT Value: 1631994223
.adnxs.com/	1970-01-19 23:29:30	Name: anj Value: dTM7k!M4/rErk#WF']wIg2E?$Jom%KNRJzTn_@td4CH[W/'aUip-XZP-f'`hqBPH)V=f]kpVv6/(JSF#)TPv9pnm8F^.+M5nt+@X`Z=AnVkq*^9Rkfl9RrTqn0hR%
.im-apps.net/	1970-01-20 14:51:06	Name: imid_secure Value: PK1YeUwURUKK8bcPUKjnhQ
.im-apps.net/	1970-01-20 14:51:06	Name: imid_created_secure Value: 1631994224
.i-mobile.co.jp/	1970-01-20 06:05:13	Name: xid Value: bbff8bd6-c05f-4ecf-a83a-437f82a69e7a
.im-apps.net/	1970-01-20 14:51:06	Name: synced_imid_secure Value: 1631994225
.im-apps.net/	1970-01-19 21:24:13	Name: synced_group_g1_secure Value: 1631994225
www.fleuri.cc/	1970-01-20 06:05:30	Name: _tdim Value: 1b1867e3-38c3-4dd9-d858-45204d2c0eb3
www.fleuri.cc/	1970-01-20 06:45:49	Name: _im_id.8021 Value: 13391fa556abc417.1631994225.1.1631994225.1631994225.
www.fleuri.cc/	1970-01-19 21:19:56	Name: _im_ses.8021 Value: 1
.criteo.com/	1970-01-20 06:41:30	Name: uid Value: 75887723-bd85-4273-8076-32978610f5d5
.adsrvr.org/	1970-01-20 06:05:30	Name: TDID Value: 2275a75f-828b-4bd7-9129-470b11b3e773
.demdex.net/	1970-01-20 01:39:06	Name: demdex Value: 31793518061836874684281951191610178237
.adsrvr.org/	1970-01-20 06:05:30	Name: TDCPM Value: CAEYBSABKAIyCwjK-4K767n9ORAFOAE.
.dpm.demdex.net/	1970-01-20 01:39:06	Name: dpm Value: 31793518061836874684281951191610178237

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://staticw2.yotpo.com//widget.js Message: Failed to load resource: the server responded with a status of 418 ()
network	error	URL: https://static.bytedance.com/pixel/sdk.js?sdkid=BH42AR4UF25D2PUU575G Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://cd-ladsp-com.s3.amazonaws.com/script/pixel.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://px.ladsp.com/pixel?advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cd-ladsp-com.s3.amazonaws.com/script/pixel.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://px.ladsp.com/pixel?advertiser_id=00001463&su=2&site_url=https%3A%2F%2Fwww.fleuri.cc%2F&referer=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=Ad7gQyHEO93Iks8ADWspWC5BQ88AAAF7-m-TPA Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://st.nex8.net/js/nexRt.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a10345300125.cdn.optimizely.com
ac.ebis.ne.jp
ad.caprofitx.adtdp.com
analytics.twitter.com
b.im-apps.net
b6.im-apps.net
b92.yahoo.co.jp
c.contentsquare.net
cd-ladsp-com.s3.amazonaws.com
cdn.optimizely.com
cdn.smartnews-ads.com
cdn3.optimizely.com
cf.im-apps.net
cm.g.doubleclick.net
cnt.fout.jp
cs.adingo.jp
d-track.send.microad.jp
d.line-scdn.net
discoveryplus.popin.cc
dmp.im-apps.net
dpm.demdex.net
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.smartnews-ads.com
ib.adnxs.com
jp-u.openx.net
js.fout.jp
logx.optimizely.com
match.adsrvr.org
p.yotpo.com
pixel.advertising.com
pixel.rubiconproject.com
px.ladsp.com
s-cs.send.microad.jp
s.yjtag.jp
secure.adnxs.com
simage2.pubmatic.com
sp.gmossp-sp.jp
ssl.google-analytics.com
ssl.socdm.com
ssp-sync.i-mobile.co.jp
st.nex8.net
static.ads-twitter.com
static.bytedance.com
staticw2.yotpo.com
sync.ad-stir.com
sync.fout.jp
sync.im-apps.net
sync.outbrain.com
sync.search.spotxchange.com
sync.taboola.com
t.co
t.contentsquare.net
taj1.ebis.ne.jp
tr.line.me
um.ladsp.com
ups.analytics.yahoo.com
www.fleuri.cc
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
yjtag.yahoo.co.jp
st.nex8.net
static.bytedance.com
103.142.124.65
104.111.229.110
104.244.42.5
104.244.42.67
119.63.198.176
13.224.193.108
13.225.78.43
141.226.228.48
142.250.185.194
142.250.185.98
147.92.191.92
150.95.47.200
18.156.0.31
18.179.248.149
183.79.171.252
183.79.249.124
185.33.220.145
185.33.221.91
185.64.190.80
185.94.180.125
199.232.136.157
2.18.232.182
2.18.232.62
202.232.238.37
202.232.238.39
202.233.84.8
202.241.208.56
210.188.196.193
23.45.103.78
23.67.128.30
2600:1901:0:b6a9::
2600:9000:20eb:b800:8:dcbf:c740:93a1
2600:9000:20eb:be00:1e:513c:d3c0:93a1
2600:9000:21f3:a200:2:89de:a580:93a1
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a02:2638:1::13
2a02:26f0:6c00:287::1d72
2a02:26f0:6c00:2a8::13b8
2a02:26f0:6c00::210:bb90
2a02:26f0:6c00::210:bb9a
3.115.55.52
3.120.13.220
3.227.66.247
34.120.190.172
34.241.235.219
34.98.64.218
35.174.227.42
52.19.186.105
52.196.159.45
52.196.86.216
52.198.4.47
52.199.30.188
52.219.137.37
52.29.166.16
52.59.115.28
54.168.155.233
69.173.144.138
70.42.32.31
76.223.111.131
059b41ae0cb22cc8afa7f481650818f86b7f1f3c57abd47aeea22a33e7f12628
083f2ac31422313de20a501bb78a4c662125f68f70b6d5ed6c430be54c2d9568
091a47956a469a570628373780fae2071876c0c7e155dda52c899f4f6391ecc6
0df4f4b3fa4d5d41179d18856f3e0692ce24ba61672fb7dd756243ee45db3135
0ec8f380d6009346ae3a8c391f23306666ec292521efa248a3485965008e3a71
0f7d27ec5d72fb9eea704926ee77f5561f5b2387cf0b28a86008be63c2c919e8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12c72ac36dc2ee06d7376aeb7b525086f213acc40eff4462d738c9afddcbe470
1526a936520f3ceff18a62b29d658d417cd760ca1b6e1dbf6cb4113dea60f97d
153c96ad5d5c58461027d8d1a25cb192fd9243ca97be31f021915d015c907d80
1764bf1b7554d436e919a1ff3685210e6c9c6d7ba84cdebf7b756a31a48b471e
187f9b0598a85bca461dad3c45443c4ffc5a63a4ea14e62ee6425b25768d7bc2
19a26a5ad31a41f17b9bccf4338566d03e43687197ab10b47325b1bd45b55237
1a821616ee0dcbbd15f3571bdb03fb96c98531dd88e2e3f58197893eaaaad950
1b591302cc031f28264cf8a95cdbd10640c0428f67caec621143ea83708492c6
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20b38fcd93d75d872fdf0be0e6a1902085b1c823c0bf786277cd8a3ab87bf88e
2529e6744614421fbd4dbeaacc8d5dcda829fb233eb8cee1d45cb6f1bafbec80
261595338fd9066332abdbde9ab8f2cf826985e226e2d03904777799e54c9665
27fd7b6b35a5e5e6999a675a3b8ef76b4e29425b8c4dd56bf2ed7a665eef0992
28a324c1f6f30d5787f8df1cd4e59e412e803a266c3fcd0f92a32fc648a36d89
2b09b3afcc755174e53ea8080512f25fd2208aea506aede0c672bc2113bc4bec
2b653c3416d9b1c60d831a90730a3055edca75454ba9af70dc724db9478e9f07
2bf9bc4ae4f3fc95f93860871f71a9ce0b788434b7da2085a7db0218165ffefa
2d9c2d6a85b73160d55073d1d72237f5b22f69f75dd16b60c8817313d5154446
33a8f7e9be6007ec9f3456c8d5769a75837b03ef40e788c548c4210b3e5973f0
36e1c00cb349689663b0abb4b6d7dd216e943087d56ffd54ff29093e7315224e
378b53445d34acb2e058f3a0c7675b32a27cfe824d75ff80c648ac827ecd7825
39194933f95a1c6b5697f3e49cd4ba12ffe61857a8224e00d5e015c6e5976c47
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3c3bad27b191b97bd1fc018344b37b72b7c21c7b36014279b460acf154958ea5
3d8a68b082331324260448663bb723b47d58102442b5d64467b3e7700b186966
3ea1d47e294e438851d775f2eca7352b4d03cf662e3ad9410f18bae663a380e5
4138e8096270651b5ee7195edcb8271fae75a79f3cb755396c8447d86f14fe4f
421d4e8037ae64bda3065ec93ee7a390e2abd0c9247bd417bc20587c101f3fdd
428ec634869934c0872307ae89c3351e118925fbddca9d1d588a34b087292a9f
449446966fc86f9b41fb0a26c27f12253c97e2f57f99804289868c252937fc3a
45a42d84d91006002f7f8098a49855f961fd703675c84880023902f5136f048a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a675cba7b068715d81601e794dc8103155c151a6febc2e34801e5e6ea841c3b
4a6cf25fd9187f6328e95be2c56048228013649c548d432be4aa044c49fde8e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e29dccc38bedcab3b6283f6e298d44b37917931ef56da1a633ba7b0c365b536
4ed9aa95e968b0cef83cdc7fc30bd038a578120b4b25531d903a2bb51dce43b7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
52226277699f21f087828599f9b7da09978f5a411ae7aa0457a38a2e9c93d5b2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e21cbd392db32de589e2f4b2aa54c64a645678ddddbadf3c19852b82d9c4dd
55ad22cba594ee369441d15314da77d2dc7df216a93d0ea92aa632141e0782a9
560825ae9bdf057573429755507dcd12f4409a80226ea1f6089e76938f4489c9
589f121345852ebb496268a0bebe1bafbe4a9582e4bec4ff19b80e7466c01113
5a2da72ab63df6ce988758a1d916d1b3f9d7c67ef2122d9712daa75ff66f7a05
5a8047e4d5cf979b39adf7e31a26dfa888f67cd7adcd272ef2178b6c3e8f4fe4
5bcce6c137f2a74e463e9436212877a39a59b4db576fa6eb2ca416307778e8cd
5d8e194a368e509276cabfd4caeb724e5fc7bdeb16ce840e955e596565ddd313
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
62e0fe7bab0be5653632b6760efd914cf75d47f5f6a39e4a329ac50de653691c
63942bc6ed8fdf11ce911006f09660b8be726f0c42d0d9dd69484c5a81103f2c
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f631b7f7428056e6244917bca72f7e2c3a9d90063810a86f3a3d3b9497c9b77
717c57e80c01df29eaff2d6cf5e113787d142fd18a9d017f70b9e41c64898921
72c9ca239d52f17ddd30823b8f9108231a3cf36bdc10abd677d389d75696f90a
72e52c11ecc28d4597646cc0e11202555b121008a911f48b401247df6a19b14a
7569fb74511e863e33fe30fc17befed5b88855cbf61ce56aa34638ae544b548e
77906845d00f7a90f9d73be185f477335936d6921e29ed75f281098bfad1d69e
79687f1fcf53bc1d540dcae63dc538c15037a0eeb6578918ef1c45fa79e48523
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
82951c3b6e1efd5ccd0adc2b19f69e08ccf97f84bbcef26f3cdcd962474418af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838df9ed704db97391f080b25ad6c97045ebb661c3ee74ff4bcf5bfcada2690c
84e2f272052d386779f00694399d4dcbbad2def9c0e1f56e7ab16d133c2cef57
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
883cc9007f21e7c3137547bbcf9aa9a49a1049f0142f35f23e9f26534502b61c
887ad483dbb92ca26aa2a7030643c545fe34e525c152db9d8927a8d14c133a82
9521dc0fb84edd1468a5730229e7c95a066c91082d04ef3faf6df2cebfa5d6d9
953a3b5a802a49e944fda8f1294a97c4c365cd6f052bad52e5ad2f1d6d36c8df
959181fcd65ce8f60bcc5e585d603e4e11a14461eee3014b9f35e1470ad51f31
9599a595478fccc670e46ec9e1adf19a06a2c36cb6a7207be86c01b9c4c72cc6
96280da1b41b47280f7cbad02d50009e9b2c893acbfc1d01bcad5916854696bf
9756387affbd5e65e6395393c3b50f8c76b4282170c69a5b7c959e565468e431
984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c
99528b17c7d835da7daa52057e7231556fcc69df7d185935cd631661ff798b66
9958c4c539da6ddd7c7c120870332eca105f57bb4f6c5704cc4a135b94b8cbce
9988adbb1e09f87a942088a13510186763ea55d55c4e8d034c66217ad6ab5233
99bca633f06dbe7cedb8da26e31841617942671d0d31b3112fbffd8351476f54
9a0b4845ba969885a5d65494fc1431680588dd83b0497b9342175f5a1d1e9573
9a28c3eca899a1a148f094b5b48af9ff2f56de408318bacf407fa2e0518b182e
9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9
a2e5c539aa68f8972297f85cdde31f1446c3d0e1d71b84d3bab989374415aaba
a415c4922b4ed1f6170ab6b8e367b2d194fd8d37c0d038fdae33c1e30c56ce5c
a551014fb4d41e194ffe8b8b315d375199e01c01213395ea7f9eb3dfdbe52733
a7281999407162123037c6381a78519ab02ee28a8a1c4a1a31a746ce638bf844
a77769a1d8518c2b6fda75404841edcb831b17309f2a140f03bf2eddc7382bad
a85df0da7dfba048f2d7a8d0002534bcdff0519c1ce1cd3316a7a02791c8cd50
a8fbb3abaab2ca15be99a6a0b8cd0b1f87b091e367d61c112f29c0cc1f9f8938
a959edf4308e54ebd8ffb56b72037e480ce31fe3e7282270777671475a21e69f
aa7cea1a39b870bedb4b2853fecb107b73b646189b1acd8e3c6472ba5c7e8a7c
ab242d8e458c378a8849fbb08095d69a89a7f91e2d1f1e914382b311be13bed3
ac2dcfa8a8d7a3e0e50a4747d78da3fd9f485d6e3ac72acbb5470a5165c54308
ac6a68cfda32a555148940cb5bb04ab841d2516deb6633d6779704166a37d088
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af3b9ece03241bb4ebe2be211bb39553dae8a4387899927e4929d985c244ae85
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0f6ed6203c6b84794084f41991dbc9fc608853a2cf1d097651314af3696ac0f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17e2fbefc934032cc3fc59f5676eb51e9b110212bc1f7bf89731570747a5864
b25740aa42daab2f38d77b54c62c9120f49fcf251c23bb14a4be816a8b07a3e2
b3bdae10bbfe2363fe9f36edc55fa97ac58c7ef3bfd2e3397d0f7ae5a4c46661
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
bc614318fbfd9d4d2b1f6bdfdb6a1c798ed2a1cf859bf01110a4fbffeae04787
c0b1d774b1bafd828638c5fa0e638f405282386662164fccbfdf53df9ad3f970
c51051854c251e025cc958ffe33869f98cf5b70036afa018f0951b3df1324c72
c6f9d2afc8bab66ceee5d55d9c3e787d67d9592ce30909408d1a82ad7282fc61
c8084d1c8e1fcad09e9dcd1ead10f5e0b4ed421e4bdbb16b5e98ca18880a4336
cdd1994b42330965df2b953b390f47c49084f1200064c40c5d87112c5256327e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d218d01a3ed8b57e58388093e85fdee9766cdd0117f6c6a7bb5cacb3cc451aae
d4998ba050fdca397536ad89732532b43331c57355add37855b291f3b5dbd49b
db4ffe90f680e33d97001c7f9bebc1de9735c603bc8acf436c3e0a79d575a57b
db5c038350c53501891921b75c6aad9b2c1efd8c1e65d4984910263257907ae0
dcccd66cd93632f74581835168754e3e93d1b740fdc01ae037df1854bac22e2e
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df9f00ecc5f967b2eada8aa69fc2781561a4e0f48f22bce34286c507f8bf5cc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4caa3aeae7560299fa0c0414ba10c9024cd2d5c4f6bba643c2e08b29a395682
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e602625dd109f5e2af3f2f9803b296abd5f2a3ce8a561af5b79d1eccd674e65b
e6885a7257e9d8ccfcbe3f86b35f1899f9b5da35df3772bd914cfdec36f6739d
eee8f7d5892b1cb2caac75467cf161ac2cd868e830891dac84709b2e541416d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71352e0a4b4b55774686c8bb9ad5783b33460c6dae197532b954f008379390
f14b69f8c1ccbceac1d1a314860cafad066caff4deb090ee6d208d776151c6da
f3c9d73e039ec7c96a5798704b93076425d722e86371663388d70cdb053cdcaf
f7072b4e5530be9bf6989a0d9a2573bb5d93ac105b7b5b9ff40f57ed40323dc0
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd859b5e32b0476c02fe96eb0cad620406b8d4e06718a79e8d0d2405f2cd5072
fe4f7372bb1015d2035f015377a71d804d8a51c18b590307fb473ddfb1d937eb
ff1240803131ac2e8cee5062729919a4f38f7eec1e403919ed9daebfb2f33f35

www.fleuri.cc Open in urlscan Pro 2600:9000:21f3:a200:2:89de:a580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

218 Requests

99 %HTTPS

27 %IPv6

48 Domains

69 Subdomains

63 IPs

7 Countries

1954 kBTransfer

7424 kBSize

72 Cookies

5 Outgoing links

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fleuri.cc Open in urlscan Pro
2600:9000:21f3:a200:2:89de:a580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

99 %
HTTPS

27 %
IPv6

48
Domains

69
Subdomains

63
IPs

7
Countries

1954 kB
Transfer

7424 kB
Size

72
Cookies

218 HTTP transactions
0 data transactions