urlscan.io logo urlscan.io
SecurityTrails logo

jeudiparis.com Open in urlscan Pro
3.234.189.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s6264.mjt.lu/lnk/AWoAAFeayLQAAc409P4AA8kM04IAAYKI61oAoAtuACyZYgBnMlZJZDZDd9kqRcWq2PGbDPMw8gApIzQ/5/gyAgDCR-n0...
Effective URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Submission: On November 13 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 20 HTTP transactions. The main IP is 3.234.189.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is jeudiparis.com.
TLS certificate: Issued by E6 on October 23rd 2024. Valid for: 3 months.
This is the only time jeudiparis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.241.186.140 396982 (GOOGLE-CL...)
1 3.234.189.133 14618 (AMAZON-AES)
3 18.245.86.20 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:215... 16509 (AMAZON-02)
3 2600:9000:211... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 4.153.129.168 8075 (MICROSOFT...)
20 13
1    35.241.186.140 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 140.186.241.35.bc.googleusercontent.com
s6264.mjt.lu
1    3.234.189.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-189-133.compute-1.amazonaws.com
jeudiparis.com
3    18.245.86.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-20.fra60.r.cloudfront.net
build.cargo.site
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:2156:c00:19:ceb4:5f80:93a1 (United States)

ASN16509 (AMAZON-02, US)
type.cargo.site
3    2600:9000:211e:9200:1d:a440:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
freight.cargo.site
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    4.153.129.168 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
Apex Domain
Subdomains		 Transfer
7 cargo.site
build.cargo.site — Cisco Umbrella Rank: 489829
type.cargo.site — Cisco Umbrella Rank: 281127
freight.cargo.site — Cisco Umbrella Rank: 187788
1 MB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 722
b.clarity.ms — Cisco Umbrella Rank: 9358
28 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
74 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8378
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
553 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3604
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
108 KB
1 jeudiparis.com
jeudiparis.com
74 KB
1 mjt.lu
s6264.mjt.lu
357 B
20 10
Domain Requested by
3 freight.cargo.site jeudiparis.com
build.cargo.site
3 build.cargo.site jeudiparis.com
2 b.clarity.ms www.clarity.ms
2 www.facebook.com jeudiparis.com
2 connect.facebook.net jeudiparis.com
connect.facebook.net
2 www.clarity.ms jeudiparis.com
www.clarity.ms
1 www.google.de jeudiparis.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 type.cargo.site jeudiparis.com
1 www.googletagmanager.com jeudiparis.com
1 jeudiparis.com
1 s6264.mjt.lu 1 redirects
20 13

This site contains links to these domains. Also see Links.

Domain
wa.me
Subject Issuer Validity Valid
jeudiparis.com
E6		 2024-10-23 -
2025-01-21		 3 months crt.sh
cargo.site
Amazon RSA 2048 M02		 2024-07-30 -
2025-08-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-22 -
2024-11-20		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Frame ID: B53F2D333C7140CA4BEF0205BACFC0AD
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BUYING — JEUDI PARIS REAL ESTATE

Page URL History Show full URLs

  1. https://s6264.mjt.lu/lnk/AWoAAFeayLQAAc409P4AA8kM04IAAYKI61oAoAtuACyZYgBnMlZJZDZDd9kqRcWq2PGbDPMw... HTTP 302
    https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_sour... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

1492 kB
Transfer

2976 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s6264.mjt.lu/lnk/AWoAAFeayLQAAc409P4AA8kM04IAAYKI61oAoAtuACyZYgBnMlZJZDZDd9kqRcWq2PGbDPMw8gApIzQ/5/gyAgDCR-n0o1YGXaYMHgqg/aHR0cHM6Ly9qZXVkaXBhcmlzLmNvbS9idXlpbmc_dXRtX2NhbXBhaWduPVJlbG9jYXRpb25SZWxvY2F0aW9uJnV0bV9tZWRpdW09ZW1haWxSZWxvY2F0aW9uJnV0bV9zb3VyY2U9TWFpbGpldFJlbG9jYXRpb24 HTTP 302
    https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request buying
jeudiparis.com/
Redirect Chain
  • https://s6264.mjt.lu/lnk/AWoAAFeayLQAAc409P4AA8kM04IAAYKI61oAoAtuACyZYgBnMlZJZDZDd9kqRcWq2PGbDPMw8gApIzQ/5/gyAgDCR-n0o1YGXaYMHgqg/aHR0cHM6Ly9qZXVkaXBhcmlzLmNvbS9idXlpbmc_dXRtX2NhbXBhaWduPVJlbG9jYXR...
  • https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
74 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.234.189.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-189-133.compute-1.amazonaws.com
Software
Cargo /
Resource Hash
cdaf14cb8472235f807c6b9a3f2bd86cb4421de0fbecb21e4769446d8a9a7224

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
76065
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 00:19:53 GMT
server
Cargo
x-cache-status
C3-HIT
x-debug-host
jeudiparis.com

Redirect headers

content-length
150
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 00:19:52 GMT
location
https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
cargo-static.css
build.cargo.site/frontend/219848/css/front-end/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://build.cargo.site/frontend/219848/css/front-end/cargo-static.css
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-20.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6ac175392f587267229dc8299d58edbfab957b948575f14d72b5d675d725f7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

vary
accept-encoding, Origin
cache-control
max-age=31536000, immutable
content-encoding
br
x-amz-version-id
GgoLNy4t.u4MAXvyshwqLkRjA5D0Cmav
etag
W/"74496ef21559b7ffb349fd578c0773a2"
age
438743
via
1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HoDeqaZJJDCKGKftNY84tlK_X9ojr-WHuPDhvs3sQT9HqKjwSDeXGg==
date
Thu, 07 Nov 2024 22:27:32 GMT
content-type
text/css
last-modified
Thu, 07 Nov 2024 22:23:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
index.css
build.cargo.site/frontend/219848/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://build.cargo.site/frontend/219848/index.css
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-20.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f85f113de3a2468b5781b388a90f4bc022a4680222530b923907a44b67afc6c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

vary
accept-encoding, Origin
cache-control
max-age=31536000, immutable
content-encoding
br
x-amz-version-id
e_sUpdp6OPeV5H0fnfH605jhtR8zZICv
etag
W/"5692f7b7af6367635a3189f6ee199087"
age
438743
via
1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kxNrPJVAd0OGAlLHMlRiGu9YVOYlFoODxnIk_GVrUW8mQL6o82u9bA==
date
Thu, 07 Nov 2024 22:27:32 GMT
content-type
text/css
last-modified
Thu, 07 Nov 2024 22:23:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		326 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-13JB1GEX21
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34ceb824cfa6a0a3b693c5ac95df826c9b43a1e732e194b7fee513efd7f32997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 00:19:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 00:19:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109922
x-xss-protection
0
server
Google Tag Manager
index.js
build.cargo.site/frontend/219848/ 		989 KB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://build.cargo.site/frontend/219848/index.js
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-20.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba70efa3a9365f32742b0631e4d5622dab0d452f2ec5b14fb462b2dcdbacebbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://jeudiparis.com
Referer
https://jeudiparis.com/

Response headers

access-control-expose-headers
*
content-encoding
br
x-amz-version-id
64hsbk3cHxH70BFmbz2gP1_U2wJhhpZi
etag
W/"14661b8fbe40bc9c8a126f9eb36ab1fc"
age
438743
x-cache
Hit from cloudfront
x-amz-cf-id
EEYlofhRfUPeyPWxVmvGjcD2TYQUKwagrmaGW6XT4tDLKQYeGeEv7w==
date
Thu, 07 Nov 2024 22:27:32 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 07 Nov 2024 22:23:32 GMT
cache-control
max-age=31536000, immutable
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
m4uukjqxt0
www.clarity.ms/tag/ 		553 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/m4uukjqxt0?ref=bwt
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbeac4805001df37c4a46e0fa220a9867e84dfeed5722e046bafc4d675ec6669

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
553
date
Wed, 13 Nov 2024 00:19:54 GMT
content-type
application/x-javascript
x-azure-ref
20241113T001954Z-r1cc7858649r69t5hC1FRA2b9000000004bg000000000ybd
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5EDE1Mev' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 00:19:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5EDE1Mev' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4503, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
qHPIrlQRS7hpIOAKqnDQgUf3CpZLzZvWCTUOOKW0IoxGQkPYZGjPEmeYx5rnhtssY0DrLRyEOSntmcW0OI+y+w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
CargoMonumentGroteskPlusVariable.woff2
type.cargo.site/files/ 		382 KB
383 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://type.cargo.site/files/CargoMonumentGroteskPlusVariable.woff2
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c00:19:ceb4:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9dd47dd3cd0d796cc4b0cbf5cea7c4fd9c9e5215e5b539b94d92c8dea7f60e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://jeudiparis.com
Referer
https://jeudiparis.com/

Response headers

access-control-max-age
3000
etag
"e05bfacaeed872c5baa8c84c0b7a3e84"
x-amz-version-id
NeUinct_LU.aPdWXJiVbTqvTNb31AfQd
age
8714
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
Npc8EYhhwa3jC8DIFFSGts6M5Tm5bQ0_QOyS0h8qwlL-OyakLvONUw==
date
Tue, 12 Nov 2024 21:54:41 GMT
content-type
font/woff2
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Fri, 19 Apr 2024 19:10:17 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
391320
x-amz-cf-pop
FRA50-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://jeudiparis.com
Referer

Response headers

Content-Type
image/gif
pexels-eugenia-remark-5767088-14413859.jpg
freight.cargo.site/w/562/h/750/i/P1739436889115092594545108750163/ 		237 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freight.cargo.site/w/562/h/750/i/P1739436889115092594545108750163/pexels-eugenia-remark-5767088-14413859.jpg
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:1d:a440:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5b44cacc2c5ddc22cf81cbe6832ee5affbef0bf79f9c0287f80bff43c8c682b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

cache-control
max-age=31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"673295ed-3b233"
age
88764
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
accept-ranges
none
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
242227
x-amz-cf-id
Q-KHxYeZVstOTPZjRYZ2q5FWv7uu477_ZfFyv2M00XeSa260M9ZMZw==
date
Mon, 11 Nov 2024 23:40:29 GMT
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 23:40:29 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
1194127901639615
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1194127901639615?v=2.9.176&r=stable&domain=jeudiparis.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b508ed3b31d63991c4ef2d457e7ffff2a677f576ff248efef6b97cb2ea801a13
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-pnxvrf5I' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 00:19:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-pnxvrf5I' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=70, mss=1232, tbw=70423, tp=66, tpl=0, uplat=162, ullat=0
pragma
public
x-fb-debug
ILQ+3Dvotg2EMFZsuYqQpNu/FwxDgphLS8qFbD04GkMuEP8qbBRBK5f/NCFvghBfJwYV662I+2tGMYdr1GZf7w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
clarity.js
www.clarity.ms/s/0.7.49/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/m4uukjqxt0?ref=bwt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

x-azure-ref
20241113T001954Z-r1cc7858649r69t5hC1FRA2b9000000004bg000000000ybt
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
5ecc5337-101e-0065-08d3-32809f000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 13 Nov 2024 00:19:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-13JB1GEX21&gtm=45je4b70v9183679381za200&_p=1731457194460&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=1566106665.1731457195&ecid=1297035064&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1731457194&sct=1&seg=0&dl=https%3A%2F%2Fjeudiparis.com%2Fbuying%3Futm_campaign%3DRelocationRelocation%26utm_medium%3DemailRelocation%26utm_source%3DMailjetRelocation&dt=BUYING%20%E2%80%94%20JEUDI%20PARIS%20REAL%20ESTATE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1961
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-13JB1GEX21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://jeudiparis.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 00:19:54 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
553 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-13JB1GEX21&cid=1566106665.1731457195&gtm=45je4b70v9183679381za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102067554~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-13JB1GEX21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://jeudiparis.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 00:19:54 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-13JB1GEX21&cid=1566106665.1731457195&gtm=45je4b70v9183679381za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102067554~102077855&tag_exp=101823848~101925629~102067554~102077855&z=1482696592
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 13 Nov 2024 00:19:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1194127901639615&ev=PageView&dl=https%3A%2F%2Fjeudiparis.com%2Fbuying%3Futm_campaign%3DRelocationRelocation%26utm_medium%3DemailRelocation%26utm_source%3DMailjetRelocation&rl=&if=false&ts=1731457194949&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731457194948.907868559911079870&ler=empty&cdl=API_unavailable&it=1731457194737&coo=false&rqm=GET
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4494, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 00:19:55 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1194127901639615&ev=PageView&dl=https%3A%2F%2Fjeudiparis.com%2Fbuying%3Futm_campaign%3DRelocationRelocation%26utm_medium%3DemailRelocation%26utm_source%3DMailjetRelocation&rl=&if=false&ts=1731457194949&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731457194948.907868559911079870&ler=empty&cdl=API_unavailable&it=1731457194737&coo=false&rqm=FGET
Requested by
Host: jeudiparis.com
URL: https://jeudiparis.com/buying?utm_campaign=RelocationRelocation&utm_medium=emailRelocation&utm_source=MailjetRelocation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436552028813189615"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 00:19:55 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
i7JQ8qABNc9J2+33Kqfw7CNfby1IXbv5cim3GRUAYajxQK3MF6JGhmTkkDaiXvIXaFF3/dJFwJJidB4mTmGRPw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436552028813189615", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4862, tp=13, tpl=0, uplat=129, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
b.clarity.ms/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://jeudiparis.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://jeudiparis.com
Date
Wed, 13 Nov 2024 00:19:55 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
pexels-eugenia-remark-5767088-14413859.jpg
freight.cargo.site/w/562/h/750/i/P1739436889115092594545108750163/ 		237 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freight.cargo.site/w/562/h/750/i/P1739436889115092594545108750163/pexels-eugenia-remark-5767088-14413859.jpg
Requested by
Host: build.cargo.site
URL: https://build.cargo.site/frontend/219848/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:1d:a440:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5b44cacc2c5ddc22cf81cbe6832ee5affbef0bf79f9c0287f80bff43c8c682b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://jeudiparis.com
Referer
https://jeudiparis.com/

Response headers

cache-control
max-age=31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"673295ed-3b233"
age
88764
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
accept-ranges
none
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
242227
x-amz-cf-id
Q-KHxYeZVstOTPZjRYZ2q5FWv7uu477_ZfFyv2M00XeSa260M9ZMZw==
date
Mon, 11 Nov 2024 23:40:29 GMT
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 23:40:29 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
WhatsApp-Image-2024-04-20-at-15.07.55_16b315af.ico
freight.cargo.site/t/original/i/P1738929227800655080043554574163/ 		284 KB
285 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://freight.cargo.site/t/original/i/P1738929227800655080043554574163/WhatsApp-Image-2024-04-20-at-15.07.55_16b315af.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:1d:a440:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6e047de03668c94eb0a16f47337504305bbc281dce1557e36787d7c5ef6c69ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jeudiparis.com/

Response headers

cache-control
max-age=31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"67010003-47156"
age
3338408
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
accept-ranges
none
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
291158
x-amz-cf-id
OYFyXAlvpjL-7-csFp5fCZvgIikQX1OywnNyE7ABoWH-mb8HwICgbA==
date
Sat, 05 Oct 2024 08:59:47 GMT
content-type
image/x-icon
last-modified
Sat, 05 Oct 2024 08:59:47 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
collect
b.clarity.ms/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://jeudiparis.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://jeudiparis.com
Date
Wed, 13 Nov 2024 00:19:56 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CargoEditor object| core function| gtag object| dataLayer function| clarity function| fbq function| _fbq object| actions object| _windowInfo object| listeners function| logSiteStructure object| lightbox object| store object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Domain/Path Name / Value
.jeudiparis.com/ Name: _ga_13JB1GEX21
Value: GS1.1.1731457194.1.0.1731457194.60.0.1297035064
.jeudiparis.com/ Name: _ga
Value: GA1.1.1566106665.1731457195
.jeudiparis.com/ Name: _fbp
Value: fb.1.1731457194948.907868559911079870

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.clarity.ms
build.cargo.site
connect.facebook.net
freight.cargo.site
jeudiparis.com
region1.analytics.google.com
s6264.mjt.lu
stats.g.doubleclick.net
type.cargo.site
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
18.245.86.20
2001:4860:4802:32::36
2600:9000:211e:9200:1d:a440:23c0:93a1
2600:9000:2156:c00:19:ceb4:5f80:93a1
2620:1ec:bdf::45
2a00:1450:4001:81d::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.234.189.133
35.241.186.140
4.153.129.168
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
34ceb824cfa6a0a3b693c5ac95df826c9b43a1e732e194b7fee513efd7f32997
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5b44cacc2c5ddc22cf81cbe6832ee5affbef0bf79f9c0287f80bff43c8c682b3
6e047de03668c94eb0a16f47337504305bbc281dce1557e36787d7c5ef6c69ee
a6ac175392f587267229dc8299d58edbfab957b948575f14d72b5d675d725f7f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b508ed3b31d63991c4ef2d457e7ffff2a677f576ff248efef6b97cb2ea801a13
ba70efa3a9365f32742b0631e4d5622dab0d452f2ec5b14fb462b2dcdbacebbe
cbeac4805001df37c4a46e0fa220a9867e84dfeed5722e046bafc4d675ec6669
cdaf14cb8472235f807c6b9a3f2bd86cb4421de0fbecb21e4769446d8a9a7224
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dd47dd3cd0d796cc4b0cbf5cea7c4fd9c9e5215e5b539b94d92c8dea7f60e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f85f113de3a2468b5781b388a90f4bc022a4680222530b923907a44b67afc6c1