hellsparadise.fr Open in urlscan Pro
2606:4700:3036::6815:4bf5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hellsparadise.fr/
Effective URL:
https://hellsparadise.fr/
Submission: On February 09 via api (February 9th 2024, 4:14:37 pm UTC) from US — Scanned from FR

Summary HTTP 245 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 245 HTTP transactions. The main IP is 2606:4700:3036::6815:4bf5, located in United States and belongs to CLOUDFLARENET, US. The main domain is hellsparadise.fr.
TLS certificate: Issued by E1 on January 6th 2024. Valid for: 3 months.

This is the only time hellsparadise.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
4 50	2606:4700:303... 2606:4700:3036::6815:4bf5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
19	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
20	34.111.35.152 34.111.35.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700:10:... 2606:4700:10::6816:1c50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:ba61:0:1... 2a00:ba61:0:126::d	35625 (EURAFIBRE-AS) (EURAFIBRE-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
245	22

50 2606:4700:3036::6815:4bf5 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

hellsparadise.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.111.35.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.35.111.34.bc.googleusercontent.com

cdn4.cdn-telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1c50 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:ba61:0:126::d (France)

ASN35625 (EURAFIBRE-AS, FR)

rr2---sn-apaapm4g-apae.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	hellsparadise.fr 4 redirects hellsparadise.fr	2 MB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	782 KB
25	gstatic.com fonts.gstatic.com www.gstatic.com	457 KB
20	cdn-telegram.org cdn4.cdn-telegram.org — Cisco Umbrella Rank: 41618
19	telegram.org telegram.org — Cisco Umbrella Rank: 11155	309 KB
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	1 MB
15	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 257 ad.doubleclick.net — Cisco Umbrella Rank: 157	165 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 217	47 KB
6	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1043	189 KB
5	googlevideo.com rr2---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 726805	1 MB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 91	137 KB
4	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649 www.google.com — Cisco Umbrella Rank: 2	31 KB
3	ko-fi.com storage.ko-fi.com — Cisco Umbrella Rank: 45446	9 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	8 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	63 KB
245	15

	Domain	Requested by
50	hellsparadise.fr	4 redirects hellsparadise.fr telegram.org
23	pagead2.googlesyndication.com	hellsparadise.fr pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net hellsparadise.fr tpc.googlesyndication.com pagead2.googlesyndication.com
20	cdn4.cdn-telegram.org	hellsparadise.fr
19	telegram.org	hellsparadise.fr telegram.org
18	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
17	www.youtube.com	hellsparadise.fr www.youtube.com
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com hellsparadise.fr googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net www.youtube.com www.gstatic.com
6	fonts.googleapis.com	hellsparadise.fr googleads.g.doubleclick.net
6	use.fontawesome.com	hellsparadise.fr use.fontawesome.com
5	rr2---sn-apaapm4g-apae.googlevideo.com	www.youtube.com
4	i.ytimg.com	hellsparadise.fr www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	www.google.com	1 redirects www.youtube.com tpc.googlesyndication.com
3	storage.ko-fi.com	hellsparadise.fr
2	ad.doubleclick.net	hellsparadise.fr
2	yt3.ggpht.com	www.youtube.com hellsparadise.fr
1	s0.2mdn.net	googleads.g.doubleclick.net
1	static.doubleclick.net	www.youtube.com
1	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
245	21

This site contains links to these domains. Also see Links.

Domain
topmangas.fr
scanboruto.com
ko-fi.com
t.me

Subject Issuer	Validity	Valid
hellsparadise.fr E1	`2024-01-06` - `2024-04-05`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-08-11` - `2024-09-11`	a year	crt.sh
cdn1.cdn-telegram.org GTS CA 1D4	`2024-01-01` - `2024-04-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://hellsparadise.fr/
Frame ID: 30ED61F0F0E74184F9F3873FBF2E3ED2
Requests: 86 HTTP requests in this frame

Frame: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Frame ID: CA74336CE9E97010D26B8B06B8BA06FD
Requests: 36 HTTP requests in this frame

Frame: https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 93545DE4E57FF802A1CC3F8670DFB21E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 8B2F30C972ACFA30395AF7B42A743EA4
Requests: 1 HTTP requests in this frame

Frame: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Frame ID: 1FD3B14B16DCC630AC9EB3F743C375E7
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: FFCC167F66689B1B24577F5086BB8F94
Requests: 1 HTTP requests in this frame

Frame: https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 9D75C29BDA3916E9040C133A19492D1F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1964074509604129&output=html&adk=1812271804&adf=3025194257&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fanime-sama.me%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707495271471&bpp=2&bdt=286&idt=230&shv=r20240207&mjsv=m202402050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7708747845460&frm=20&pv=2&ga_vid=2081951538.1707495272&ga_sid=1707495272&ga_hid=967990393&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080797%2C31080819%2C44798934%2C95324581%2C31080933%2C42532361%2C95323761%2C95324154%2C95324161&oid=2&pvsid=1770295419054641&tmod=24330408&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fhellsparadise.fr%2F&loc=https%3A%2F%2Fhellsparadise.fr%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=252
Frame ID: A2D28FDD8965A1CC5555277E0F1CA0C6
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
Frame ID: EFC33DBD32646630BA1FA011ADA232DC
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A6B9A2CCA4F1E72806F48D8EFC6E3D58
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1A82FBCC2EEA0D8EE958DF877BA6665B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: CB23733B005C37CB950E5ABF7FB2C297
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6E6AEF9699073EF3DCD262C9D0D9815A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDTgY8DEP-Ume4DGMTS3oUCMAE&v=APEucNX194-ddY-aR_QhXgWAxd3nMLq1nyPw5dO38Jyjr2lWbjvOLm_nr0Ugw2KXkRUPf41-Nb1MHxWUk47ytfb-lYYp6oL_Ig
Frame ID: 2941E1FDC42F8866479E195FA4102C46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js
Frame ID: A2C198F64CF01062D4359AECAE12678D
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E19C085A021EF592F4EAF82DC9492683
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 74C2FAB3114469CB4AB5D26CE60CC4CE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EA5A753695E1612D1CD3D998F8CA5157
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: 2A136E3B586BE5E5C901E1F22CC2A90F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: 7CBE53C6E26ACF2C905529CE6A9834D4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: EE672B7B505CB0C00B5FF609470D4BB6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20624925AB18B143C31D8FB72630E8C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 021B96BB7CA80F7713E4F92091D9AAE3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hell's Paradise Lecture en ligne

Page URL History Show full URLs

http://hellsparadise.fr/ HTTP 301
https://hellsparadise.fr/ Page URL
https://hellsparadise.fr/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

245
Requests

88 %
HTTPS

90 %
IPv6

15
Domains

21
Subdomains

22
IPs

4
Countries

6806 kB
Transfer

14889 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://topmangas.fr/
Title: 🔥 Hot Scan 🔥

Search URL Search Domain Scan URL

URL: https://scanboruto.com/

Search URL Search Domain Scan URL

URL: https://ko-fi.com/otakusclub
Title: Soutenez-nous

Search URL Search Domain Scan URL

URL: https://t.me/mangascanvf
Title: Abonnez vous sur telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hellsparadise.fr/ HTTP 301
https://hellsparadise.fr/ Page URL
https://hellsparadise.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hellsparadise.fr/ HTTP 301
https://hellsparadise.fr/

Request Chain 13

https://hellsparadise.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 96

https://hellsparadise.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 146

https://hellsparadise.fr/js/ogvjs/ogv-support.js HTTP 301
https://hellsparadise.fr/

Request Chain 167

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

245 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
hellsparadise.fr/
Redirect Chain

http://hellsparadise.fr/
https://hellsparadise.fr/

118 KB
24 KB

158ms
110ms

Document
text/html

2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ff535c6447e0d934bdd94ce01c356199eba4279215a111de0896895c20715fab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 852d67e12dce024b-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 16:14:30 GMT
link: <https://hellsparadise.fr/wp-json/>; rel="https://api.w.org/" <https://hellsparadise.fr/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json" <https://hellsparadise.fr/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGRaS2EjHoVhg%2B%2BzyCfjG%2Bas4%2FInEJO5R7AXYSaGnAGxtu%2FmgAFKycaPwnnx55CiGJMLKZMIPMtEc%2FC3yuNzuMJOYx3tJqUzYZJ4rLV2ii0oQhrfX9VK%2F4gERIS89ghAH%2FeN1swfJaob6fviidkL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33

Redirect headers

CF-RAY: 852d67e0ad7602d9-CDG
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 09 Feb 2024 16:14:30 GMT
Expires: Fri, 09 Feb 2024 17:14:30 GMT
Location: https://hellsparadise.fr/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAMcNaT0PffJW060u5LEqqb4YWTZNd9LhuFyfV3N87oZyM%2FlNy4FbIgrOns7oRqNedlQ75lvnQUdd7MFkiQx2jGDRKQmPuIdHSOM4V1QoYIftAegAoVTcJ3Um0QVq8oqxygXGfURsVHNxhVKTkZ%2B"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 4b6d2e8717d0a12035fdff820bd74edd.css
hellsparadise.fr/wp-content/litespeed/css/ 528 KB
74 KB 77ms
76ms Stylesheet
text/css 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/litespeed/css/4b6d2e8717d0a12035fdff820bd74edd.css?ver=aadde
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb15a361cf90d50dbe21e8aa9954fd975626f31ccc553211a3e8e10c7c6eba0a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Jan 2024 13:13:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"83e50-65ba4771-200026;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRHjjJ7OAm54xlIvWT8Tp9TZeEXQrGNYbVJCeaKboiQwuEGwq2p1SoA5UcCYUZR9FRX2whnq9T64QtFIdAjY4NAYrDKei7C0qRSylRcZCn7M6XeJOVLHAPqckLmlOXZmcana24LhLQs4fQjdkbo%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 852d67e1eed4024b-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:15:05 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 81ms
32ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 731125
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmIVi0eUcpp9C516EZRpMQOKvetJ5DeYEi2ePzQTCFuFM76ZsejV2IsAipKgpNOzKJenw%2FwPRTLDgKtWQGD5TRCjeOnVcn3jA3jDoFRpbVvFqQEphDQMmE7PnIkDG1J3T6aRFJGaW%2Bz%2BENF5WbiLHwZX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 852d67e2395e99c9-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 78ms
30ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 724229
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QE0mBqOI2yZtvu5FHVFDkr4FuhunaLHLC2eG08W2OeAuKRVafuz10KZ7EBh9k3P%2F6WXr4gBdFSRLOuFRbnYay%2Fo8yxHxtzR8jeYCKIn%2BrXtrFZnHS9n9ulM0Yq%2BLjia48RkBB4Zm41emGeeXd%2FZCxY51"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 852d67e2396099c9-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 129ms
70ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1964074509604129

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

650a9d7c8ab11e6cea2ec927a0526a554caaf6b862f0ccfc7c4b949ba8252e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51272
x-xss-protection: 0
server: cafe
etag: 16918353796397203046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 09 Feb 2024 16:14:30 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb18c75ab2d93c5aad825e73bc41a0cb79b06c7e40d885d0e5e20be1897b1a15

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 instant_click.min.js Show response
hellsparadise.fr/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 33ms
33ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 Dec 2023 03:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1697
etag: W/"e63-657d17b7-2c1596;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViOG1AIMdjcnG3m45pZM6HKAf7Otq6h72t8AbEOo9UwaieZwcXp3KBxGMVzFTV1dpHLu%2FfeaHnIkKZkRF75BmloY7CQ3bLs9qvoDPLiwwQFoU%2BoCknnk1t1bVAX28QbJs2DAeSIA7dDJaBxk87uz"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e21f16024b-CDG
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 15:43:15 GMT

GET
H3 200 / Show response
hellsparadise.fr/wptelegram/widget/view/@mangascanvf/ Frame CA74 99 KB
15 KB 196ms
196ms Document
text/html 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d46ae11fe44679f71e7d9e2f164514e17908c8dfda2d79bcf21f0e7dd8e43ce4

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 852d67e2aabd046f-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 16:14:30 GMT
link: <https://hellsparadise.fr/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3ZzdiR%2F2aIkwaFs0559d8m%2BQSBLSpeWVPiM0rlYIdd4RzUZAhZLNTfZc65WVkIX002NII84I2wzI%2Fj%2BOuj3W65AQXM5wzk5SKgT1frhfkDv%2B8%2B18ZRvxw%2Biz%2B5WzOsdJVrZbcltiRXvGg1sVOyE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33

GET
H3 200 hells-paradise.jpeg
hellsparadise.fr/wp-content/uploads/2023/11/ 560 KB
560 KB 30ms
29ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/2023/11/hells-paradise.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc388384d0c7d9e91d7b8c35eb525b270a799e95744b5907a1cf894ff6a6663

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
alt-svc: h3=":443"; ma=86400
content-length: 573068
last-modified: Thu, 09 Nov 2023 01:11:59 GMT
server: cloudflare
etag: "8be8c-654c31df-360fdd;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED%2FhyIT6Q5Yogo6uNxY%2BVk0XkPUFanF1Fi7sIALrOMIAxOxpMf%2FqxdP1NGQQ7bgOsVvR1IrP3QlUu7vBNFPNRvAl%2F9umSDCh0ND%2BY0go0gzBtBdTAdZvQOovUsTSM3kxsQqevTbeS6XG87X8Xkzw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e28aa0046f-CDG
expires: Tue, 23 Jan 2024 03:48:33 GMT

GET
DATA 200
OK truncated
/ 968 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0020646d32da84bf3e786d16ad939d610e989ba3bc2304fb68072f3537c60ee0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 eicons.woff2
hellsparadise.fr/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 93 KB
93 KB 183ms
183ms Font
font/woff2 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.23.0
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/css/4b6d2e8717d0a12035fdff820bd74edd.css?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9434610f03b23074f9ae8ba5dbed66819c052a1d3c8e2256296c50ddeb4fe7f8

Request headers

Referer: https://hellsparadise.fr/wp-content/litespeed/css/4b6d2e8717d0a12035fdff820bd74edd.css?ver=aadde
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121
alt-svc: h3=":443"; ma=86400
content-length: 94720
last-modified: Thu, 09 Nov 2023 01:11:55 GMT
server: cloudflare
etag: "17200-654c31db-3a0897;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Fg1o%2F44NBfKS8a0M2UPZ9nNE%2FZHqY4FBkeSxtaZLT2vBWw57Pkx37kQRstaCAgvsjBcN5e%2FsXcDhI4uboluRKbus%2BGX6kBTJQKE%2BoWU2sH3Cko05RIkKwwO8SJ4IgZKq3Q928lUCahdBFl2DTwn"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e29aa6046f-CDG
expires: Tue, 23 Jan 2024 03:48:34 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 87ms
27ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403475
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pOelSzDQFgXr1rIyMiRSHqBW%2Fb%2BSTzs%2F%2B8b%2Bu0K7GTATZaQZqN28n3Qb01EHNmBvDfReH4pAfYSobUyzFYoKLMPoIHhliTYHPRNyBkiT0N4RtNc6mBgDBPgDrr9cnfOblGMl9FMPvhNmSotN4tUxTEZ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 852d67e2fea93cc8-CDG

POST
H3 200 guest.vary.php
hellsparadise.fr/wp-content/plugins/litespeed-cache/ 16 B
607 B 267ms
267ms Fetch
text/html 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYgURUej3rFp1S6DYsGOan4yGoaBih5QVwOe7gTwPE7WD7i8OLizCH1MKtXhvdxKRAVxfw0Xzu9atWrFhCVxXlRLxHE3PmP2%2Bc34LSvkd%2BnEIZ%2BCcqtM5ddzYillv3rurxDzy%2BPLXlA54qi5CwKg"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
x-robots-tag: noindex
cf-ray: 852d67e2bac6046f-CDG
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 9354
Redirect Chain

https://hellsparadise.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

25ms
25ms

Script
application/javascript

2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Server

2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cf1edad40057e9f8ddb9f85596f19d23115783f05bf4d8d85b6df3dcaab90e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcoUdVKefYwBSI2cdO3Dh6Boa4i5LgqZ84A9St9PoR0yEaXDNWmyJD8WzfGdyq9WptSsEHO2EcOXH1Kc3dIiQwEjcOKJpi%2FgMY8zIEEY2p%2FE7PYQl6QhAw2Mn7HnuaaFSPKcu%2Bm1McMkFLAfRoAD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 852d67e3ebe7046f-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 09 Feb 2024 16:14:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axrTS0SA20yPb340O2pq74qyjOUGFdVSukFuDtw8ccVh0CjYV06j3jfYylciWbd5mgM7STyTgYV6lw%2Ft9ShqLB31%2F5FTrfQFnravIj%2B9eeuNZc%2FgOpEGDt30%2BXasAhlEqvEAATna5W8SeRk6%2FKgO"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 852d67e2cad2046f-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 406 KB
0 138ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1964074509604129&plah=hellsparadise.fr&aplac=true&bust=31080933

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1964074509604129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141209
x-xss-protection: 0
server: cafe
etag: 16957658006934801395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:14:30 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 8B2F 9 KB
5 KB 85ms
27ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1964074509604129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 78019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 18:34:11 GMT
etag: 9539045072340585784
expires: Thu, 22 Feb 2024 18:34:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 font-roboto.css
telegram.org/css/ Frame CA74 6 KB
894 B 92ms
28ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/font-roboto.css?1

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: W/"63512b7d-1816"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 widget-frame.css
telegram.org/css/ Frame CA74 81 KB
21 KB 122ms
57ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/widget-frame.css?66

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 17:42:21 GMT
server: nginx/1.18.0
etag: W/"64286cfd-1456a"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 telegram-web.css
telegram.org/css/ Frame CA74 27 KB
6 KB 94ms
30ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/telegram-web.css?37

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
server: nginx/1.18.0
etag: W/"63b70e44-6b31"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 404 meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0 111ms
50ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK-50MwUHmk7A3FK1zt0sFZLqxerY1kyINKJlZbbB2REmKO39l8vJyAN3X43R-WYxGilfNBuq2ixGxvQwYMc8OuXYzk0-b52M2mK-XmHMYG_H8XMNFCGxiadjzSJIC8272vJYefqM5rbi-Y7GGg.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 jquery.min.js
telegram.org/js/ Frame CA74 94 KB
38 KB 148ms
84ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery.min.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-1762a"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 jquery-ui.min.js
telegram.org/js/ Frame CA74 88 KB
0 39ms
39ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery-ui.min.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-181a9"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET tgwallpaper.min.js
telegram.org/js/ Frame CA74 0
0

GET tgsticker.js
telegram.org/js/ Frame CA74 0
0

GET widget-frame.js
telegram.org/js/ Frame CA74 0
0

GET telegram-web.js
telegram.org/js/ Frame CA74 0
0

POST
H3 200 852d67e12dce024b
hellsparadise.fr/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9354 0
597 B 43ms
42ms XHR
text/plain 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/jsd/r/852d67e12dce024b
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGdbmav5MythkzZ6%2BXnvsd5d0WjGCpB67KUu4t3ZjwEY2y1Sg3rMU0bhHVYWp9COplCi7WhLM0pQeMGjlXAfPnipWjs4L1jhnnBQqMlISgqcZXH7EgubKLxbHS3Z16o6Xzl5BW2HtL%2BVEATvn3da"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 852d67e47c6c046f-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
hellsparadise.fr/ 122 KB
26 KB 71ms
71ms Document
text/html 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7903b1463d5197ddded415746e0de5c570c877dccfccb697fb7d15c3c9f93bcc

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 852d67e47c6d046f-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 16:14:31 GMT
link: <https://hellsparadise.fr/wp-json/>; rel="https://api.w.org/" <https://hellsparadise.fr/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json" <https://hellsparadise.fr/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB09uHLudxhseGF0RoNl2VEUlKRjyzCitGgQCU75uViMycfdiKG%2BMyhQKJRqCHF6Ahh5G96Sdqi4P3uy8WmhfJhnPcoiVRb5lA9myps0ns2c6cf%2Fr8Tkic9XlICzraJe1%2FKaHMEJdJu26GXRzCit"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33

GET meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET F09F998F.png
telegram.org/img/emoji/40/ Frame CA74 0
0

GET
DATA 200
OK truncated
/ Frame CA74 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CA74 534 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET b0MuPflWjSuz87IseSOLNTNwCE6zzhMcnYWeTAvPvB80mCJFzOA7m71jITgNN43sUCn1K4QSmVzFWbxGkTN9xI6DaV_d6MIIeEXtEvdXF62hAvLCIotMaWT5po8EsmoK3d3Zk2Us_9TIHY5yXnt9IqaiODcFe73CKjQDH0HPLs1zSi71rZ4vQPlv48YRzma2Jqwap...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET OqtO8UoQ9agHGTytRQLebx3hJoG_NJjU0tdH4eRtAbB0-YKRzP4BkMYf27PQlKDxi_kmiCGr473b47a-HmM1epF4M-5wa-awpuU8K_JCCrhk3dBhnwp2DCYYrtyhIc6WHpTuy2fBb_38E1TqPnclNA18ANCod8wMp0EbzL2dbNbjUa3jGUt_bvtQQhMJk4srPJ86x...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET PbghfQjKncv-2g8jaPNkVCIK8VwOIoUyPoJzeSIoq71FLxIlpf361sK-X22PRmQ9Uq47KXRqGUSdQIfIxplO3qxIH_84FlRik_ndaPbLMZtAgs6b5VvhFx_5RZqUyMI-OelapUbMeea7wwhpnCqyFS9f1AZGmeQ9LiFfL4WhN0cHjRlgg8TDGp6-hLqx70ubXYDWU...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET U6UMiaca8agsGfbNuN2GffAeMTpByJUfJwB7VHJNlNJ9Mz4ayQOmiaNEYk--krr0fqEAZGQgoxPcB2sBlmRoGo2tOVWCbXUKI64pz5NwdE8Bhe99cNPyWXd5npx6PRdx5kRtSazdgEW4IxcinDZ0HKWG1KRN6OHfAZ7PTS5wypZ5FojZEavJFBUQjXJ_srCD4QMKQ...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET E29ABD.png
telegram.org/img/emoji/40/ Frame CA74 0
0

GET gBJ5Dvur9DHQ7wOqYtcEjwNmWCBeqMmJrnF6lJS-9pUcfiEu0uf5cwOz30wq9DhfwaiikXXGtXppocZZ-KnlD6Hg6BYvwLJ1M6SrhsQPcJ2AvqaH8L1vfXtbY8WuyTSFQraGLEZVXH_5KuP5so0giNdI4VKl1ecILApbev9sGX-d4Py18DbOpdMi6lfuSI2GnkLM6...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET ku2-vR_kAkAcWFsUUYqqQo7d0MjP1Yoo1hqkOyzfUFpbuoICa7hKqIaopO4LXt13CsK4CqSuf35aNV6m5xETm2li_g5tCkOxv7uU3QmPmZ1tBjHCVu9Sl4txLpw6fWZ_53JCU9Npk0BekPISHl1eYMB6k4xI1IAHb3eK9MWYo3d5ApUWAmHzVkPN6dgr6H_b-86Rs...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET ARtxgAD2mkfGTkePo4qbNrw944tkIQpf2pbMuNtr3Tkbtk7KemZGKvPJMBeOyA4gWqfom1IWVu8qDH_25_Nc2EeuieUi_mQAyi8PwhTjZf3ZiXJ00cXHJ0X_4KZj2Ywai4SQcEyQk5xVTkwPh8tWeO9bFcnDUFP02NweeiWWsUbfLXwKytf59vs2VV59FS51yy_Sj...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET TuLbbJmsHKLZpId5VmjmBMNgJwK4VgKQw5EUbeKGmj4A2NRGBevGWoQsT7T8eGonBDjX7VrGRUcfS-X0jiX571Q1w6HvPjppuQw_W9alSX-Xop22j2zhv45gyT9WIVDWl0Mz5D6mLrgFekesPN5lzEu4tYo8_PSl__dKX2a05rQgjwOFAbcKAxD68EUtxQbRGxoae...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET OH_rcdaLlSfSywt-8NoO0-kUko8zoul8iukAWEPFxIoWT6vJfR6QZ7NGdO4O4K29bXz-WBGo6yml1aJqfuTLe7dH-nhbte3gaKZGmtO-LL1f9mObkHCsi7TJGIvYX6I6IvfWmfjKE6oM3JXXFOvtmO9Vmee-RqQEODR71YIiGTdXxFKQl37cNXu-PHT0kMIGs5Gbz...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET aJk0axlr_QKRI-6krRSWavFTQhSvgKUe0LXN-yJWCZ8xDLCYXqOKCG1qTVZYdrRbnRHNih8az4Y3KFxTs6mGuenEo1j0NpqY2Qnsbzn9QXFwPnViBEg_aIRH_-d22ILjTa4oqcHhTQtx_-fBC02igetGzGNucTMgA3sfNfkZHJhq_Qp-OlDFOsOvGBzz0taGifKMl...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET
DATA 200
OK truncated
/ Frame CA74 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET H8YBvNsm5Vwuo3iMXbwgk9V1J-TBn7Ph636U7xZCfncDYBjuQn4CBHcfV_jKWdOYongNzH4bxdBsy6HEUi_ZPH8oIYgpfZxvlrTcIaKWx7bjs7i9BTwSSmTGofq5rQqKol5UrB5uDqris18LebhvPRVU_JmDPrXb0-g4J1IibLmvxbj4Wnw4aFKC88-XGOLUBPfk2...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET SHiZcru472v4csJHnyiz4Y9eIUhpyh27dc9x0TGoTAlmK9BgzJFvf0u-sfUMWAWnN8VtJLtV0oyLTRu2o0PqeuiSlvFQbqrcLlOWknZ5Qlk3u5fXED6vbq4mZhdBwkWjdx6wY1cVWzgnCobOxNocSzcJ-ukAnHqQgJoMivL0-AClzOGoURoZCMPTfwMUA5wB2rWpW...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET ijrKrXcCQh_Kzw75itDyILfq8hHnC5-_IQjA7Qqo5U6Qkoe1tq7fKWqrljxf2i4VcBobmmcCl9JM6rKqyM5rJzJtP9I08jJbHX1Y8bUd-KQHnmOrc2ZFln2PROFAy3zawqA_BZD87F1yoZUzbvIoImAG4dMZeoBJuEyuLY8xevIjXpmIfrKE3OeDW244mBqmfHEd7...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET jy2T-q1kiWmp7qHPSsQChsReT2ziabVudyaIYrbD_p354rYcahiAdvhfZdkLEbnmZdA6BYsiT_BOoyp3-KCXTo6m_AobCDE-S1z10gw9kjN31jY_nKBl2ylmcKglXCcI5CSWKQt62sCcZh_YxE3YqCz8A6PJ_JZ-ALcXC0GuoKM0bGb96llhSzLeYHXXTxUeBOTqQ...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET I9CVUJMgeEkXBSAiKyq5OoL5BHrkF_77QwaodWWoxlq2sIiOxgR2DC3RvXpg8QL_uVNHWx7P_JV087mCUFO4lQi1hgyJOGCQRd6rQH2Fs2Rv1oJWKg0BsxNj3-rOSxnUfNT9KSO3TbS4yXLVzW_DzQCXpROMoW_zs0aXZDxrNVDIAcrKpKLMGXDgThDW4emmz3pY9...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET s93Ms4YcMOSsrI4amfsXM3F_IjTW0UvdaGcAGQqGKZDzEqK0Nd8Xi-DV9ZY5qOxwdqTRNw7D4kUhJGs8tl4dafUvjbecnzSlA_FvcbkEmnEMRysDVaBMPM1aZg0nl_JLzeZAfOCn65qoY7NgLdqIpJmeC0gnIbPpCDlrqUubPVYATEOr1dXjhMBTIjOqkrrRo66Jf...
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame CA74 0
0

GET KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame CA74 0
0

GET 77f67bff50.ogg
cdn4.cdn-telegram.org/file/ Frame CA74 0
0

GET
H3 200 webfontloader.min.js Show response
hellsparadise.fr/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 30ms
29ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 Dec 2023 03:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 124
etag: W/"2f42-657d17b7-2c15a1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZQtWAiKEP17gZKsrMMQ8CpxU3guoWpRcBFC7nbaKGeaCoZJ7rGb0jFjZmWzMRy%2Fkk2UXks6X5bavcZPu%2B2%2B%2BqXWlQesLY9UqXj%2FOAjI3DO79QpySg7X41GOsp7b9IcRkZtaDmc2yyZxA2xyhV8u"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e4fd0e046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 Jan 2024 03:48:33 GMT

GET
H3 200 4b6d2e8717d0a12035fdff820bd74edd.css
hellsparadise.fr/wp-content/litespeed/css/ 528 KB
74 KB 134ms
133ms Stylesheet
text/css 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/litespeed/css/4b6d2e8717d0a12035fdff820bd74edd.css?ver=aadde
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb15a361cf90d50dbe21e8aa9954fd975626f31ccc553211a3e8e10c7c6eba0a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Jan 2024 13:13:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"83e50-65ba4771-200026;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYJ%2B9%2BpBdobDSw9%2FQHU8d59bv9%2B%2FbGihtfxNFoP3BUT%2F41H1ls6%2Bnup62TWiw2hFS2rFBSGa2rt4sYfXrxN%2FJRTUrtlMxDKYNRgHFJvZY2yGeRFhLPjbzha0pRXBtzUkNTtjHUgKRE3L3xoF5Xz4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 852d67e4fd11046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 08:49:54 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 31ms
30ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 731126
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzMD4ZpzMwvD2EoXSqqfhVrN4SR4twykRgLLXKXj6uxpPsJp7xqYMB5c8A0wss26ppoazlviYkjjKQg1z2ojIjfINJPORYOJVDkTDXrmhDO8wIo3meN6cRrWnYcTzCZgQZJ%2BilMiWvzJ62dEUmfDe4VC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 852d67e4fba199c9-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 38ms
37ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 724230
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcZhCIeuOzW1pvStcIWYD6OAwfz27Dk1eZLhv5y3lH%2B37GloZIcdyr7L9mFpsUQLtLyIAMT9mQJKNwcth09f5BOkdfJYDnDhKdvBZTH%2FeA9PMBAsIISEhIhDNXrOzTiWXVQ5hvJKHqHabPkcc1iVA7fh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 852d67e4fba399c9-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
hellsparadise.fr/wp-includes/js/jquery/ 86 KB
31 KB 42ms
41ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-includes/js/jquery/jquery.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 124
etag: W/"15601-654c31d5-36003d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXFUrGOvSHDKty8ZWABrqsuVOJeQ8N%2Buh58f9Db09msf%2By3vrsm8FQsyrlsexUBVTDm0reg%2BkKt1hZtR%2FdXTWUyPXDzV6iFIvddc6AjFBzklCpmF%2FyWUCtgyZ4%2BGTJmZJKltY5SvIL%2BaL22bN3Pa"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e4fd13046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 21:59:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1964074509604129

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d828b044f86e25d8565bf5afbd646ccfb51641641175cc43d0c019747ca74230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51272
x-xss-protection: 0
server: cafe
etag: 10023949703510019893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 09 Feb 2024 16:14:31 GMT

GET
H3 200 hells-paradise-volume-13.jpeg
hellsparadise.fr/wp-content/uploads/2023/11/ 236 KB
237 KB 113ms
112ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/2023/11/hells-paradise-volume-13.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b58a98475a980d65d62c28edd2586447e63caafc8636e58085899eac677b2dd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:11:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3b105-654c31df-360fad;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78U64OaFYY1tN0RV74QcAYPx32kQ%2FhAzN58OpTXIdhLiX2DCYag1k3YUm5spes8qUQj1Ee59qBsGZeT1%2BmTLIVcM3YVaY7%2BuUqD3ebRX52tv4JOLBIyJqr9rbJ9bUMkIzJrInSuhHD2lU06qAHjk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e4fd15046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 241925
expires: Fri, 09 Feb 2024 08:18:55 GMT

GET
H3 200 instant_click.min.js Show response
hellsparadise.fr/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 30ms
29ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 Dec 2023 03:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 125
etag: W/"e63-657d17b7-2c1596;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0OuksS88wv5nCwVu%2Fft0wpFVNmK3vRqTlbXHda0z%2BZSLV%2Fe9aVFv39e%2FWOFnQqs28Y0Ys2JalHcbo4%2F8eOhohqz9mK9DyA%2FWVTKbL1ik3x6mKfa6fGDxRJvrqNxNVMrCSHxRcwlqYwys2Giqk5K"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e4fd17046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 Jan 2024 03:48:33 GMT

GET
H2 200 Widget_2.js Show response
storage.ko-fi.com/cdn/widget/ 3 KB
2 KB 103ms
40ms Script
application/javascript 2606:4700:10::6816:1c50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/widget/Widget_2.js?ver=6.4.3
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8cc7536bf94d03004fa21c405a2281878fb1296a61a9dfeb55cc27a53c6ca1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: OrvIUQF0Mg8EkV9ejBdWSw==
age: 3925
cf-polished: origSize=3628
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 24 Oct 2022 16:33:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 89014072-601e-005d-57c1-53e834000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 852d67e678050299-CDG

GET
H3 200 wp-polyfill-inert.min.js Show response
hellsparadise.fr/wp-includes/js/dist/vendor/ 8 KB
3 KB 31ms
31ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
etag: W/"1feb-654c31d5-34112a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB%2B2ISsDlI4wOtaK0zbiRcZrmKgUYyWWhSowB51zznx54vwfL8eMXfQn05I%2FbgOv9F1UYr8pdZpCXbzvVv1kWAyhgYXvZFMOmWf7IY9c2qBU84G7K7mVWWWSeqxjJvctlzG2rureuNTyEn1qafRS"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e61e16046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 Jan 2024 03:48:34 GMT

GET
H3 200 regenerator-runtime.min.js Show response
hellsparadise.fr/wp-includes/js/dist/vendor/ 6 KB
3 KB 28ms
27ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6150
etag: W/"19e1-654c31d5-341116;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8WmRgf3Qs7OMc%2BryRhvYEwpD8TBgqP6kmC8cpzx5Y7KbDj4jueZDzoxPkJZFMrJ5ix9giX%2F1slpZlltR9YqY5QKmJVehVa1m%2Brw8o4n%2FZEWNIHTwjdocwXKssoadvGrHp1wBqHTFp7W5tNITeIm"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e61e17046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 07 Feb 2024 16:20:07 GMT

GET
H3 200 wp-polyfill.min.js Show response
hellsparadise.fr/wp-includes/js/dist/vendor/ 112 KB
36 KB 33ms
33ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
etag: W/"1c1b7-654c31d5-341120;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8%2FYWB31NiIV7Y%2Fjj7PV6LZLkqYDie3hQ9nIiQzabxdJ5%2FAAuAQxiYdsuv2zei1owFal3zxvLm9k8oD2NkV1MeSsb8OBVrp9HH4dYOVn5E%2BkfRcqLys5R5Ac6eaIL%2FwGV5jV4b%2B6l0JLXlQbjBIu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e61e18046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 Jan 2024 03:48:34 GMT

GET
H3 200 hooks.min.js Show response
hellsparadise.fr/wp-includes/js/dist/ 5 KB
2 KB 30ms
29ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-includes/js/dist/hooks.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
etag: W/"1213-654c31d5-34115f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywUOkZ9w2fBJQmQskVI7wyo2IS3ifWWwVzmpZsYIMFSSm2j%2BZhDrWwgZGEnWGvm2a5ibZZWOBgRY1WNwTRZjv%2Bdf0F9gJE6s29q%2FGYw4oQsBeed92xemKTVSHINVBpyWtOWNonZqBD1QXEJTRJU6"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e61e19046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 Jan 2024 03:48:34 GMT

GET
H3 200 i18n.min.js Show response
hellsparadise.fr/wp-includes/js/dist/ 9 KB
4 KB 32ms
32ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-includes/js/dist/i18n.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
etag: W/"24e5-654c31d5-341168;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXEgGfRmcZ%2FIDOLzieFg3LTlKAHnhl%2F8jfAaY8StF%2FEo770OgpoSsGgeiEf00%2FigaPyWRb9yULD%2BpalFbuu94qrQjItXIoD2J6d0fDXuLbrdmlVYjiZGdp9kWYiicdY0x3uHaUc2MZvItgd0rVpl"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e61e1a046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 Jan 2024 03:48:34 GMT

GET
H3 200 0ea771f4d6c2e06d9a8a84d7ea8d429b.js Show response
hellsparadise.fr/wp-content/litespeed/js/ 261 KB
73 KB 126ms
126ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/litespeed/js/0ea771f4d6c2e06d9a8a84d7ea8d429b.js?ver=aadde
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf7cb1ebe221c59698aba1dcf04a889be2a298018b4686d539724c9d540603a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 16 Dec 2023 03:32:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"413dd-657d1a55-20011f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyhlPeeQ4VcPATdtuNYRs%2BabpCq4ILzlu1xno0LchegPJWsETc%2FuPwRntRM%2B6%2BYTEP6eTQdACQc0VX5hWCfHv2tPBL2%2BGgcjN2viiCV4CNuP8b%2FV6yAW%2BeIhuoqMhNZyZ5%2BJUjmEgYIvgbhoV8nA"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e61e1c046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 07 Feb 2024 20:31:00 GMT

GET
DATA 200
OK truncated Show response
/ 561 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b506ad23b101cd015c655e6aedfe7f689454f26a4b155553c26e2c666bcf804e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae0d3c6ca12a3452924c53402b1497e0c4d49b6de15174c582c9651f1a3aaddf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 335c88d7ccad853696b06d3d524c872567a8cc04c6966cd8cf0451834a5a7dc3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 58 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94c4eed60653e14337c021261a52581e9b6f93ae9ba512912ca30ce656b3ac64

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 540580b26b44773105f13c8893cbcf216b840fe9e3e35e25686e2ddbf0d3044b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da7fe863dfb2e7256521038d63e5ae697ea77719d7214985c8f70e5505f44cb5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 hells-paradise.jpeg
hellsparadise.fr/wp-content/uploads/2023/11/ 560 KB
560 KB 33ms
33ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/2023/11/hells-paradise.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc388384d0c7d9e91d7b8c35eb525b270a799e95744b5907a1cf894ff6a6663

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124
alt-svc: h3=":443"; ma=86400
content-length: 573068
last-modified: Thu, 09 Nov 2023 01:11:59 GMT
server: cloudflare
etag: "8be8c-654c31df-360fdd;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hL6K3Z2IKaDUXOogjiMASUWhIgGjc4s3At5z5OIjMUzM44FIn%2BVoD8AqeAHqa6aNzG7PgHYWb5I%2FzkrplxPo1JT7f0IHgllRAsPfAe1Uj3p5JiQALlvJ0NRtu25ptoOMl8c5KE9nEJgKOphxCLky"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e62e2d046f-CDG
expires: Tue, 23 Jan 2024 03:48:33 GMT

GET
DATA 200
OK truncated
/ 968 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0020646d32da84bf3e786d16ad939d610e989ba3bc2304fb68072f3537c60ee0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 eicons.woff2
hellsparadise.fr/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 93 KB
93 KB 167ms
167ms Font
font/woff2 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.23.0
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/css/4b6d2e8717d0a12035fdff820bd74edd.css?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9434610f03b23074f9ae8ba5dbed66819c052a1d3c8e2256296c50ddeb4fe7f8

Request headers

Referer: https://hellsparadise.fr/wp-content/litespeed/css/4b6d2e8717d0a12035fdff820bd74edd.css?ver=aadde
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122
alt-svc: h3=":443"; ma=86400
content-length: 94720
last-modified: Thu, 09 Nov 2023 01:11:55 GMT
server: cloudflare
etag: "17200-654c31db-3a0897;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swQSmrya6mzCn6nnlL0RDi3nfQoN%2BW%2B8KTireiIDoPaBYIJJMyggfLr5Ue3FsAKz8P8cCoWY5cQ6ZHLSrbsJqlanwuCBoLwXEJXaoM%2BqZAnKtyyn0rEvyJQT81sU7etRPY1xUoO05GkchQc565Pr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e63e3c046f-CDG
expires: Tue, 23 Jan 2024 03:48:34 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 28ms
28ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403476
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF1BBllc2sbCNsEGATCdjj9HmmB0qMQEgv6VeqOYQDPvM5cXzGb3%2FhEOhkbM3krG8Pfx06rJ4SFTk5Kz1hAtteHW8CixabSjRcdd8JnH2pOrqwc%2BnUa%2FD7TcWi%2BpOTz8WBJVlYpcSM6hRpwcwgZ3R3uH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 852d67e6396c3cc8-CDG

GET
H3 200 / Show response
hellsparadise.fr/wptelegram/widget/view/@mangascanvf/ Frame 1FD3 98 KB
15 KB 178ms
177ms Document
text/html 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c715d30245ca45a64cb5a8d9e8c112ef90f73a37367ac468cf2b481f39648c8d

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 852d67e64e4c046f-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 16:14:31 GMT
link: <https://hellsparadise.fr/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7uVHfWcF9J4EYLu9%2Bm96Jz6ikwtjcw8fK1ce%2FwBKfu8eurbGye18cbU4rXrnrQL4YXlUKjwUdFAq6BpkGIzOqrNh3j4wbO4uypsup7BGsY6HIJdTjUXZerB%2Bz%2BOY7n8JeUytLB4W5JsQL6eDIAS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33

GET
H2 200 css
fonts.googleapis.com/ 94 KB
3 KB 102ms
38ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Condensed:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f6574bed2f0e9b62d4e77945317e6a1a9e3becfbb9498b39390fda73eb1ef6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 16:02:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 16:14:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 406 KB
138 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1964074509604129&plah=hellsparadise.fr&aplac=true&bust=31080933

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1964074509604129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b765a8de141e205d9ce11e1ec73695c745859f90f51dc77870fc2af3700f260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141209
x-xss-protection: 0
server: cafe
etag: 16957658006934801395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:14:31 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame FFCC 9 KB
4 KB 35ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1964074509604129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 46365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 03:21:46 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 03:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 163ms
103ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto+Condensed:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 05:51:13 GMT
x-content-type-options: nosniff
age: 555798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Feb 2025 05:51:13 GMT

GET
H2 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 153ms
93ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:32:36 GMT
x-content-type-options: nosniff
age: 9715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 13:32:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 192ms
132ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:15:07 GMT
x-content-type-options: nosniff
age: 14364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 12:15:07 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 181ms
121ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:53:54 GMT
x-content-type-options: nosniff
age: 253237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 17:53:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 94ms
34ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:58:11 GMT
x-content-type-options: nosniff
age: 144980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:58:11 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 159ms
100ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 12:16:48 GMT
x-content-type-options: nosniff
age: 359863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 12:16:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 87ms
28ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 284657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:10:14 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 188ms
128ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 12:50:08 GMT
x-content-type-options: nosniff
age: 357863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 12:50:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 175ms
116ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:56:55 GMT
x-content-type-options: nosniff
age: 166656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 17:56:55 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 190ms
130ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:58:43 GMT
x-content-type-options: nosniff
age: 144948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:58:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 186ms
127ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:56:46 GMT
x-content-type-options: nosniff
age: 145065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:56:46 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 183ms
124ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:51:07 GMT
x-content-type-options: nosniff
age: 249804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17552
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:51:07 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 115ms
56ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:04:21 GMT
x-content-type-options: nosniff
age: 144610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:04:21 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 132ms
73ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:58:40 GMT
x-content-type-options: nosniff
age: 144951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:58:40 GMT

GET
H2 200 ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 56 KB
56 KB 165ms
106ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:11:02 GMT
x-content-type-options: nosniff
age: 144209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56996
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:11:02 GMT

GET
H3

200

main.js Show response
hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 9D75
Redirect Chain

https://hellsparadise.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

24ms
24ms

Script
application/javascript

2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Server

2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c777911e48d20f5acd5a2f396dd5aef897e74222fb167131ed5b9eefc5d29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa5sBPj3lEtdK64HeRc1Esf9zdOoslJWGlQJv4772qU64ySjP%2BVdJhv98WCwpTOFJdnMP%2BdPay%2BOeDxDxWVEOeOyUWYlpUm7dynRCCPB%2BszE6xsneKUOHRCLt713ibZzBTLCEmg88uO%2BXClKNdce"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 852d67e77f72046f-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 09 Feb 2024 16:14:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LlfxP181OMb%2BMPqoyIc3%2F%2BMhctDsmLPXz%2FvQY%2FBXAGAHmfC%2FlCfDRFx2nguJ1D0FSIWVFaxwifYyFVAi8b6Db%2BOvIEGeQ4h3YOObD0QZqo1npppq2eCUGd0LCgZgrboW0hHYKXzKi8VOXRcmD1g"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control: max-age=300, public
cf-ray: 852d67e72f2c046f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
553 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:400,700

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517c26455d1244fc5810748e503af92f3adc0b5073ec3db605841f948468bfc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 15:47:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 16:14:31 GMT

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ 6 KB
6 KB 36ms
36ms Image
image/webp 2606:4700:10::6816:1c50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 3278
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 8935b522-301e-004e-1505-5addd5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 852d67e738d30299-CDG

GET
H2 200 whitelogo.svg
storage.ko-fi.com/cdn/ 2 KB
975 B 36ms
36ms Image
image/svg+xml 2606:4700:10::6816:1c50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/whitelogo.svg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: NNxd8cik1auzYySPv5WiaQ==
age: 5427
x-ms-lease-status: unlocked
last-modified: Mon, 24 Oct 2022 16:33:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 66b47517-601e-003b-6ab5-225a6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 852d67e738d80299-CDG

GET
H3 200 nav-menu.70d63d6d093f3a45a0c6.bundle.min.js Show response
hellsparadise.fr/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 27ms
27ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor-pro/assets/js/nav-menu.70d63d6d093f3a45a0c6.bundle.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/js/0ea771f4d6c2e06d9a8a84d7ea8d429b.js?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ea1a93d916ef7f4023e821c6b9b9c31fa92ca91c885753a3e014386fa654c4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6149
etag: W/"122b-654c31da-3a0415;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zG%2FpAgA4B3Nf1OLubRtPQe7zUKP7QYEgp3z9jaUdE9ilARSCQQK1YqBNofcUIowGpFpNdtVNsYn9mlmQpZgONmt%2BRwN41A%2BOGhIfHsKZ%2FsEpSvz0xLIwIvZB31bqoe3F6RK6VCGcb3bWWxCKhE2o"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e75f42046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 21:59:04 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
hellsparadise.fr/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 32ms
32ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/js/0ea771f4d6c2e06d9a8a84d7ea8d429b.js?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 168b0b3e4dad8dd251775a64bfd2eaaa3fec94b04971043eebc16665757ab151

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 01:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6149
etag: W/"550-654c31db-3a07d6;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyXWAsR%2FU4Jv92hNNRVqkheQwZCZhZoYDXUud3%2FirfmPEfiOjyfRPjahIpHNrRZHMCVcnH4ahLA9erZyP65Ls0UyyUEEbUu1cXfDlHTXEfz7TOweW%2BEaSdVQknKQHXYnkUmXMBC3pQTWDgrDger0"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e75f48046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 Jan 2024 03:48:35 GMT

GET
H3 200 video.fea4f8dfdf17262f23e8.bundle.min.js Show response
hellsparadise.fr/wp-content/plugins/elementor/assets/js/ 3 KB
2 KB 107ms
107ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor/assets/js/video.fea4f8dfdf17262f23e8.bundle.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/js/0ea771f4d6c2e06d9a8a84d7ea8d429b.js?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b3c184d683b2cf90a2e786ba5ea2ecc31068e0d64f85dace72ebcf4d41d0871

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"cfc-654c31db-3a07ac;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIpHwK4c0pxWTtstpNtJ7SMETLvTK%2BLUCwJRnZkvEWB3e9ILQsvp2LiY2P6Jsq8uekXEOGA6Lfg5bAUk9aPV43kpvEy0Cwor6v2x%2Fb5ldH9UKB7xzyN%2FpIs26SBw63rvCGkJw3dQek3O0moT3Ewc"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e75f4b046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Feb 2024 06:49:43 GMT

GET
H3 200 image-carousel.4455c6362492d9067512.bundle.min.js Show response
hellsparadise.fr/wp-content/plugins/elementor/assets/js/ 432 B
799 B 106ms
106ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor/assets/js/image-carousel.4455c6362492d9067512.bundle.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/js/0ea771f4d6c2e06d9a8a84d7ea8d429b.js?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b099ed8df0b4da7d96a83fe24aed573122b8df1b110c1426e66f40584047273b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b0-654c31db-3a0830;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hJBXpZKPgRLXomPXN5AfuuowkLo2PA30C1M9Q5iNwgCknKYWzGjTdVhItOfBc4clxadrNKmzSe8GfdFmBPPNvcEpYmjUPrZWg2ilCWtsnkevpsyxt%2BNlkm3Lc4y6dNFRaMHO8c9%2B%2FeeZRmr3YlS"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e75f54046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 24 Jan 2024 16:39:17 GMT

GET
H3 200 search-form.6eb419c467197ca411a7.bundle.min.js Show response
hellsparadise.fr/wp-content/plugins/elementor-pro/assets/js/ 2 KB
1 KB 112ms
112ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor-pro/assets/js/search-form.6eb419c467197ca411a7.bundle.min.js
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/js/0ea771f4d6c2e06d9a8a84d7ea8d429b.js?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9461969b07629f368a8a6eab1df115a12f6bc4ed9ad4bf0f93c4334b51d6d79b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:11:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"854-654c31da-3a0418;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B1dzL8YUVMKFHK1%2BO8EZQkopv9VkRr2SOtyyOncrhpE3Le1S9%2BtTX03RPBnlhdZLVmriwXMgpOVRnuboDKblnbWBJAu0FAvFiatZZPs3NIcPi%2Bbf9Uo0kSZZb4H89qfInTyCS%2FzgRtSFB3KIcXG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e75f55046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Feb 2024 06:49:43 GMT

GET
H2 200 font-roboto.css
telegram.org/css/ Frame 1FD3 6 KB
893 B 30ms
28ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/font-roboto.css?1

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: W/"63512b7d-1816"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 widget-frame.css
telegram.org/css/ Frame 1FD3 81 KB
21 KB 32ms
30ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/widget-frame.css?66

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 17:42:21 GMT
server: nginx/1.18.0
etag: W/"64286cfd-1456a"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 telegram-web.css
telegram.org/css/ Frame 1FD3 27 KB
6 KB 33ms
31ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/telegram-web.css?37

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f5569fd592a9f98733b42e918680b19ddcab0d5cf365d001b4ade87cf84968ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
server: nginx/1.18.0
etag: W/"63b70e44-6b31"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H3 404 meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 44ms
43ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK-50MwUHmk7A3FK1zt0sFZLqxerY1kyINKJlZbbB2REmKO39l8vJyAN3X43R-WYxGilfNBuq2ixGxvQwYMc8OuXYzk0-b52M2mK-XmHMYG_H8XMNFCGxiadjzSJIC8272vJYefqM5rbi-Y7GGg.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
telegram.org/js/ Frame 1FD3 94 KB
38 KB 35ms
34ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery.min.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-1762a"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 jquery-ui.min.js Show response
telegram.org/js/ Frame 1FD3 96 KB
32 KB 34ms
33ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery-ui.min.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-181a9"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 tgwallpaper.min.js Show response
telegram.org/js/ Frame 1FD3 3 KB
2 KB 31ms
30ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/tgwallpaper.min.js?3

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
server: nginx/1.18.0
etag: W/"62211da5-ba3"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 tgsticker.js Show response
telegram.org/js/ Frame 1FD3 24 KB
7 KB 31ms
30ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/tgsticker.js?31

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 11:31:32 GMT
server: nginx/1.18.0
etag: W/"64242194-601c"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 widget-frame.js Show response
telegram.org/js/ Frame 1FD3 92 KB
25 KB 32ms
32ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/widget-frame.js?62

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 18:46:51 GMT
server: nginx/1.18.0
etag: W/"6441889b-16f16"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 telegram-web.js Show response
telegram.org/js/ Frame 1FD3 12 KB
4 KB 33ms
33ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-web.js?14

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 10:32:52 GMT
server: nginx/1.18.0
etag: W/"62345fd4-2e63"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 27 KB
28 KB 112ms
111ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:12:34 GMT
x-content-type-options: nosniff
age: 144117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:12:34 GMT

POST
H3 200 852d67e47c6d046f Show response
hellsparadise.fr/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9D75 0
598 B 36ms
36ms XHR
text/plain 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/cdn-cgi/challenge-platform/h/b/jsd/r/852d67e47c6d046f
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfILyJm8swynf2MfbySpxqtxugHqddqV1QKiXEQ6GNOSFhPF0qAJ4sfzU6vJMe3QkSf7lhtFIh9m6KqZrqtfY5vKTvJRJZivP0umwTVpo6C%2BrHt%2FZrvA%2BeT36ovr8AJIrEKBSqjibbzJwJszDm7X"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 852d67e7fff0046f-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A2D2 679 KB
138 KB 630ms
629ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1964074509604129&output=html&adk=1812271804&adf=3025194257&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fanime-sama.me%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707495271471&bpp=2&bdt=286&idt=230&shv=r20240207&mjsv=m202402050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7708747845460&frm=20&pv=2&ga_vid=2081951538.1707495272&ga_sid=1707495272&ga_hid=967990393&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080780%2C31080797%2C31080819%2C44798934%2C95324581%2C31080933%2C42532361%2C95323761%2C95324154%2C95324161&oid=2&pvsid=1770295419054641&tmod=24330408&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fhellsparadise.fr%2F&loc=https%3A%2F%2Fhellsparadise.fr%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=252

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1964074509604129&plah=hellsparadise.fr&aplac=true&bust=31080933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

689bc32979db9e90b5cb8254039b084e24c0e6b50f0dff5015aaa8344769c4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 141730
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 16:14:32 GMT
expires: Fri, 09 Feb 2024 16:14:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=SECTION&cls=elementor-section%20elementor-top-section%20elementor-element%20elementor-element-24ac196%20elementor-section-boxed%20elementor-section-height-default%20elementor-section-height-default%20elementor-sticky%20elementor-sticky--active%20elementor-section--handles-inside&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 16:14:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 61ms
61ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK-50MwUHmk7A3FK1zt0sFZLqxerY1kyINKJlZbbB2REmKO39l8vJyAN3X43R-WYxGilfNBuq2ixGxvQwYMc8OuXYzk0-b52M2mK-XmHMYG_H8XMNFCGxiadjzSJIC8272vJYefqM5rbi-Y7GGg.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 F09F998F.png
telegram.org/img/emoji/40/ Frame 1FD3 2 KB
2 KB 31ms
31ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/F09F998F.png
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2eee814cf1ce6d4f84ed9e5b4a34b61f13e58bfdeb0d2b4a40263416bfb1cac3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-864"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 2148
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
DATA 200
OK truncated
/ Frame 1FD3 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1FD3 534 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f93aaf50538e87ad350d4cc6ffdc88298008f2fe15ab8bb7beac64efbc83d661

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 404 b0MuPflWjSuz87IseSOLNTNwCE6zzhMcnYWeTAvPvB80mCJFzOA7m71jITgNN43sUCn1K4QSmVzFWbxGkTN9xI6DaV_d6MIIeEXtEvdXF62hAvLCIotMaWT5po8EsmoK3d3Zk2Us_9TIHY5yXnt9IqaiODcFe73CKjQDH0HPLs1zSi71rZ4vQPlv48YRzma2Jqwap...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 69ms
68ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/b0MuPflWjSuz87IseSOLNTNwCE6zzhMcnYWeTAvPvB80mCJFzOA7m71jITgNN43sUCn1K4QSmVzFWbxGkTN9xI6DaV_d6MIIeEXtEvdXF62hAvLCIotMaWT5po8EsmoK3d3Zk2Us_9TIHY5yXnt9IqaiODcFe73CKjQDH0HPLs1zSi71rZ4vQPlv48YRzma2Jqwapp6EQy0-3M_dFyR9ipbWxE1PeQsHT57CYpp1Ui0cMBiQGX1gUrjOlbzwmGdEwtiujZQWaE9s0Tmek4UtDI6ABpnzHbWA19eYYlnRivv4m5J_XHINPXn5N5OPo_AjqIzYXOJhERriNjuqlh47gg.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 OqtO8UoQ9agHGTytRQLebx3hJoG_NJjU0tdH4eRtAbB0-YKRzP4BkMYf27PQlKDxi_kmiCGr473b47a-HmM1epF4M-5wa-awpuU8K_JCCrhk3dBhnwp2DCYYrtyhIc6WHpTuy2fBb_38E1TqPnclNA18ANCod8wMp0EbzL2dbNbjUa3jGUt_bvtQQhMJk4srPJ86x...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 76ms
76ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/OqtO8UoQ9agHGTytRQLebx3hJoG_NJjU0tdH4eRtAbB0-YKRzP4BkMYf27PQlKDxi_kmiCGr473b47a-HmM1epF4M-5wa-awpuU8K_JCCrhk3dBhnwp2DCYYrtyhIc6WHpTuy2fBb_38E1TqPnclNA18ANCod8wMp0EbzL2dbNbjUa3jGUt_bvtQQhMJk4srPJ86xBN117GUqb2ZjAgZRqgQuhzlO-TJWwZrX6OzsauTjKo5yiRsyymKsXrXbI1tnHj8R7nS-sZBSpvw3m7qtOTY0PZWzO-dPdcMcuYwEDgje9Nh-131dkxB4TP8NISYxqxkm_cSubE81ixoPfZAZA.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 PbghfQjKncv-2g8jaPNkVCIK8VwOIoUyPoJzeSIoq71FLxIlpf361sK-X22PRmQ9Uq47KXRqGUSdQIfIxplO3qxIH_84FlRik_ndaPbLMZtAgs6b5VvhFx_5RZqUyMI-OelapUbMeea7wwhpnCqyFS9f1AZGmeQ9LiFfL4WhN0cHjRlgg8TDGp6-hLqx70ubXYDWU...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 75ms
75ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/PbghfQjKncv-2g8jaPNkVCIK8VwOIoUyPoJzeSIoq71FLxIlpf361sK-X22PRmQ9Uq47KXRqGUSdQIfIxplO3qxIH_84FlRik_ndaPbLMZtAgs6b5VvhFx_5RZqUyMI-OelapUbMeea7wwhpnCqyFS9f1AZGmeQ9LiFfL4WhN0cHjRlgg8TDGp6-hLqx70ubXYDWUAGTOTp1ENxpd5JNYotUc3s2_9C-uFbPxXQHWE7oftXRd6pxrWhOj9x6iaQuD30kB_Wj7pt7DDIler6AgC71SGBfzUwrIQ1QpDHgbDNqjPZfZpSvHy1g5NFKPFjYtL8KH6KHbfy-NygS63UvpQ.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 U6UMiaca8agsGfbNuN2GffAeMTpByJUfJwB7VHJNlNJ9Mz4ayQOmiaNEYk--krr0fqEAZGQgoxPcB2sBlmRoGo2tOVWCbXUKI64pz5NwdE8Bhe99cNPyWXd5npx6PRdx5kRtSazdgEW4IxcinDZ0HKWG1KRN6OHfAZ7PTS5wypZ5FojZEavJFBUQjXJ_srCD4QMKQ...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 78ms
77ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/U6UMiaca8agsGfbNuN2GffAeMTpByJUfJwB7VHJNlNJ9Mz4ayQOmiaNEYk--krr0fqEAZGQgoxPcB2sBlmRoGo2tOVWCbXUKI64pz5NwdE8Bhe99cNPyWXd5npx6PRdx5kRtSazdgEW4IxcinDZ0HKWG1KRN6OHfAZ7PTS5wypZ5FojZEavJFBUQjXJ_srCD4QMKQ0KywRLbFz6_ApDQMDanQj6nvtZqCYjznGEJzw4nzhZHnWNtonaXzQ4cGTmOxbGQ2jpSxlzAxA9R_EEHenwKr6Ih0HhqYl1rG77g1jYsJwrdcDN_4NDnCqfcwoWMfNtRrdVaVgCRp7deNF1u_A.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 E29ABD.png
telegram.org/img/emoji/40/ Frame 1FD3 1 KB
2 KB 30ms
29ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/E29ABD.png
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e0577a508911f8d2d66baa42a4a8357819c991020c16414403cd4be562d5b80c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-5ec"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 1516
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H3 404 gBJ5Dvur9DHQ7wOqYtcEjwNmWCBeqMmJrnF6lJS-9pUcfiEu0uf5cwOz30wq9DhfwaiikXXGtXppocZZ-KnlD6Hg6BYvwLJ1M6SrhsQPcJ2AvqaH8L1vfXtbY8WuyTSFQraGLEZVXH_5KuP5so0giNdI4VKl1ecILApbev9sGX-d4Py18DbOpdMi6lfuSI2GnkLM6...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 87ms
87ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/gBJ5Dvur9DHQ7wOqYtcEjwNmWCBeqMmJrnF6lJS-9pUcfiEu0uf5cwOz30wq9DhfwaiikXXGtXppocZZ-KnlD6Hg6BYvwLJ1M6SrhsQPcJ2AvqaH8L1vfXtbY8WuyTSFQraGLEZVXH_5KuP5so0giNdI4VKl1ecILApbev9sGX-d4Py18DbOpdMi6lfuSI2GnkLM6XR_nJOebRVqAFfPgqNj7aBWy19c8q1h9TzcDfYRrFSfRHQfe8QLehi5nbgBpZIsfT_oKAUT39O9NetXjMCZAdUx5nl-lbPEuJdeHQFpbd_8yZhCghJQYPyEFczrrogwYN2AGOb5eySUeUDgfg.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 ku2-vR_kAkAcWFsUUYqqQo7d0MjP1Yoo1hqkOyzfUFpbuoICa7hKqIaopO4LXt13CsK4CqSuf35aNV6m5xETm2li_g5tCkOxv7uU3QmPmZ1tBjHCVu9Sl4txLpw6fWZ_53JCU9Npk0BekPISHl1eYMB6k4xI1IAHb3eK9MWYo3d5ApUWAmHzVkPN6dgr6H_b-86Rs...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 63ms
62ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/ku2-vR_kAkAcWFsUUYqqQo7d0MjP1Yoo1hqkOyzfUFpbuoICa7hKqIaopO4LXt13CsK4CqSuf35aNV6m5xETm2li_g5tCkOxv7uU3QmPmZ1tBjHCVu9Sl4txLpw6fWZ_53JCU9Npk0BekPISHl1eYMB6k4xI1IAHb3eK9MWYo3d5ApUWAmHzVkPN6dgr6H_b-86RsGCCI562fBX6w-qNmJ0homUVhShMGQYRnvfuHPrYWK2V_JOjcL2BntWBchxz2JsHAMZ3SJQqnKwzRUl0uxj-M1YrXseanLMTC89vT0XeM7P34ppJ0OpE7OgvDTjV7HXRDgjFUKXNGVaMNSOhrg.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 ARtxgAD2mkfGTkePo4qbNrw944tkIQpf2pbMuNtr3Tkbtk7KemZGKvPJMBeOyA4gWqfom1IWVu8qDH_25_Nc2EeuieUi_mQAyi8PwhTjZf3ZiXJ00cXHJ0X_4KZj2Ywai4SQcEyQk5xVTkwPh8tWeO9bFcnDUFP02NweeiWWsUbfLXwKytf59vs2VV59FS51yy_Sj...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 84ms
83ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/ARtxgAD2mkfGTkePo4qbNrw944tkIQpf2pbMuNtr3Tkbtk7KemZGKvPJMBeOyA4gWqfom1IWVu8qDH_25_Nc2EeuieUi_mQAyi8PwhTjZf3ZiXJ00cXHJ0X_4KZj2Ywai4SQcEyQk5xVTkwPh8tWeO9bFcnDUFP02NweeiWWsUbfLXwKytf59vs2VV59FS51yy_Sjt6c8BPj7ZattnMtPgNCNULEEgKsZHF8EukoWpCUXIEhfc0YSeULptQRbYO1wzc-tlWlSoay75rDr-QmDlDIJUmNqlottP5FBoQih3uSb8rD09gN6g-1VRZUZwqYbsX5uHb65cPHxBiYP8B8kw.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 TuLbbJmsHKLZpId5VmjmBMNgJwK4VgKQw5EUbeKGmj4A2NRGBevGWoQsT7T8eGonBDjX7VrGRUcfS-X0jiX571Q1w6HvPjppuQw_W9alSX-Xop22j2zhv45gyT9WIVDWl0Mz5D6mLrgFekesPN5lzEu4tYo8_PSl__dKX2a05rQgjwOFAbcKAxD68EUtxQbRGxoae...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 82ms
81ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/TuLbbJmsHKLZpId5VmjmBMNgJwK4VgKQw5EUbeKGmj4A2NRGBevGWoQsT7T8eGonBDjX7VrGRUcfS-X0jiX571Q1w6HvPjppuQw_W9alSX-Xop22j2zhv45gyT9WIVDWl0Mz5D6mLrgFekesPN5lzEu4tYo8_PSl__dKX2a05rQgjwOFAbcKAxD68EUtxQbRGxoaecppHT0Xjkb4YOOZr7Mvyl0kUNIK3gm4Oo4mZX7OwFmYXlTl_dlbr_Qh6B82lrBYB3LmyCi2BuOH_JRrIbpCaO0chR9kxLhLcVOPj1BV5AhxBqtuClaZfRxCtpt9ZamkZvg9RSkVoWEct1kfdw.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 OH_rcdaLlSfSywt-8NoO0-kUko8zoul8iukAWEPFxIoWT6vJfR6QZ7NGdO4O4K29bXz-WBGo6yml1aJqfuTLe7dH-nhbte3gaKZGmtO-LL1f9mObkHCsi7TJGIvYX6I6IvfWmfjKE6oM3JXXFOvtmO9Vmee-RqQEODR71YIiGTdXxFKQl37cNXu-PHT0kMIGs5Gbz...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 70ms
69ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/OH_rcdaLlSfSywt-8NoO0-kUko8zoul8iukAWEPFxIoWT6vJfR6QZ7NGdO4O4K29bXz-WBGo6yml1aJqfuTLe7dH-nhbte3gaKZGmtO-LL1f9mObkHCsi7TJGIvYX6I6IvfWmfjKE6oM3JXXFOvtmO9Vmee-RqQEODR71YIiGTdXxFKQl37cNXu-PHT0kMIGs5GbzgTcWz64DYGnHumAITNhf_kfcJdgKJ812NbrHuNz_b_XqkhXYEKCCEv6YtSI7ZedNHU4ga-6R_l_JsBkrsF4ril_x850vhpevldnV9cGIENLhf-81j7erNcIt2f1fGE7fm1j8l_8SIv_gGqVAA.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 aJk0axlr_QKRI-6krRSWavFTQhSvgKUe0LXN-yJWCZ8xDLCYXqOKCG1qTVZYdrRbnRHNih8az4Y3KFxTs6mGuenEo1j0NpqY2Qnsbzn9QXFwPnViBEg_aIRH_-d22ILjTa4oqcHhTQtx_-fBC02igetGzGNucTMgA3sfNfkZHJhq_Qp-OlDFOsOvGBzz0taGifKMl...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 59ms
59ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/aJk0axlr_QKRI-6krRSWavFTQhSvgKUe0LXN-yJWCZ8xDLCYXqOKCG1qTVZYdrRbnRHNih8az4Y3KFxTs6mGuenEo1j0NpqY2Qnsbzn9QXFwPnViBEg_aIRH_-d22ILjTa4oqcHhTQtx_-fBC02igetGzGNucTMgA3sfNfkZHJhq_Qp-OlDFOsOvGBzz0taGifKMljrEsK4mAphkc7OjQoOwBY3L2VWOQ4C0qQJ6TThSsVbCgx_J4CJSAgwfKQEo3s_YiohYsmIBJtDj01YtpVaXiVlpTd1dkn0a-g_8IHgr_4MlZYoTAk0HtC63BPGEr6j8_sCrNDRDmrKrP5FJ7A.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1FD3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70e10811b989efbd48d9332087ea5f99a9b9ba63513aed3652a5b2293a552819

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 404 H8YBvNsm5Vwuo3iMXbwgk9V1J-TBn7Ph636U7xZCfncDYBjuQn4CBHcfV_jKWdOYongNzH4bxdBsy6HEUi_ZPH8oIYgpfZxvlrTcIaKWx7bjs7i9BTwSSmTGofq5rQqKol5UrB5uDqris18LebhvPRVU_JmDPrXb0-g4J1IibLmvxbj4Wnw4aFKC88-XGOLUBPfk2...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 66ms
66ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/H8YBvNsm5Vwuo3iMXbwgk9V1J-TBn7Ph636U7xZCfncDYBjuQn4CBHcfV_jKWdOYongNzH4bxdBsy6HEUi_ZPH8oIYgpfZxvlrTcIaKWx7bjs7i9BTwSSmTGofq5rQqKol5UrB5uDqris18LebhvPRVU_JmDPrXb0-g4J1IibLmvxbj4Wnw4aFKC88-XGOLUBPfk2zu8ENhB9oLGx9jtssh_QMscaaOwAnEIqG46KG2YSWAwmOKnrG3G2r0M3EsvOuS_YpbztqG0tOEorafShTk-Fl82QGqX-vBXzu6XN0D0XhGVY2W8dN53jn_qj5rnjYmxlFngPNly2wHFiKPjsw.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 SHiZcru472v4csJHnyiz4Y9eIUhpyh27dc9x0TGoTAlmK9BgzJFvf0u-sfUMWAWnN8VtJLtV0oyLTRu2o0PqeuiSlvFQbqrcLlOWknZ5Qlk3u5fXED6vbq4mZhdBwkWjdx6wY1cVWzgnCobOxNocSzcJ-ukAnHqQgJoMivL0-AClzOGoURoZCMPTfwMUA5wB2rWpW...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 57ms
57ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/SHiZcru472v4csJHnyiz4Y9eIUhpyh27dc9x0TGoTAlmK9BgzJFvf0u-sfUMWAWnN8VtJLtV0oyLTRu2o0PqeuiSlvFQbqrcLlOWknZ5Qlk3u5fXED6vbq4mZhdBwkWjdx6wY1cVWzgnCobOxNocSzcJ-ukAnHqQgJoMivL0-AClzOGoURoZCMPTfwMUA5wB2rWpWC8QsfOIrPd4DpYBVvpldStT1ebPaPoQMOtBTXS_VDLmgRHd584MIs0RtbHPeBm_9thmi4YLBEKL3YsFHewrHNIWhF47KGxvheI-Vpfua2b9-1YJsF-vFI3mvOC7oo4SWW0G-DEx8IDleX2hzg.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 ijrKrXcCQh_Kzw75itDyILfq8hHnC5-_IQjA7Qqo5U6Qkoe1tq7fKWqrljxf2i4VcBobmmcCl9JM6rKqyM5rJzJtP9I08jJbHX1Y8bUd-KQHnmOrc2ZFln2PROFAy3zawqA_BZD87F1yoZUzbvIoImAG4dMZeoBJuEyuLY8xevIjXpmIfrKE3OeDW244mBqmfHEd7...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 54ms
54ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/ijrKrXcCQh_Kzw75itDyILfq8hHnC5-_IQjA7Qqo5U6Qkoe1tq7fKWqrljxf2i4VcBobmmcCl9JM6rKqyM5rJzJtP9I08jJbHX1Y8bUd-KQHnmOrc2ZFln2PROFAy3zawqA_BZD87F1yoZUzbvIoImAG4dMZeoBJuEyuLY8xevIjXpmIfrKE3OeDW244mBqmfHEd7NJqY9X8jPZizS1cN-FF2E_VteAHoU9LbRpP5Si3SYsVWesaF_31Y0-FPKq7XsjITR017FLDZRFmxXHD9b3RtbWRJ7tyXrXeAQob2lr28TEUojlSIeYB-JJkG_-eHy0_vVQwZu_KXw5lgy6Jzw.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 jy2T-q1kiWmp7qHPSsQChsReT2ziabVudyaIYrbD_p354rYcahiAdvhfZdkLEbnmZdA6BYsiT_BOoyp3-KCXTo6m_AobCDE-S1z10gw9kjN31jY_nKBl2ylmcKglXCcI5CSWKQt62sCcZh_YxE3YqCz8A6PJ_JZ-ALcXC0GuoKM0bGb96llhSzLeYHXXTxUeBOTqQ...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 82ms
81ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/jy2T-q1kiWmp7qHPSsQChsReT2ziabVudyaIYrbD_p354rYcahiAdvhfZdkLEbnmZdA6BYsiT_BOoyp3-KCXTo6m_AobCDE-S1z10gw9kjN31jY_nKBl2ylmcKglXCcI5CSWKQt62sCcZh_YxE3YqCz8A6PJ_JZ-ALcXC0GuoKM0bGb96llhSzLeYHXXTxUeBOTqQmUs2eOiLRguS5nWeKUlMWRO0NBdWpWeaYNGRMol95RbDDfwWovDPlAVyhgmhQHOPT8ugO8HBk8lXJIrmAcz3i1_0tyPOIlYpow_i0c-StCRYxnE5v8lpqxyNWqD8Tpql3NpidVuposBO5qi6Q.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 I9CVUJMgeEkXBSAiKyq5OoL5BHrkF_77QwaodWWoxlq2sIiOxgR2DC3RvXpg8QL_uVNHWx7P_JV087mCUFO4lQi1hgyJOGCQRd6rQH2Fs2Rv1oJWKg0BsxNj3-rOSxnUfNT9KSO3TbS4yXLVzW_DzQCXpROMoW_zs0aXZDxrNVDIAcrKpKLMGXDgThDW4emmz3pY9...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 53ms
52ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/I9CVUJMgeEkXBSAiKyq5OoL5BHrkF_77QwaodWWoxlq2sIiOxgR2DC3RvXpg8QL_uVNHWx7P_JV087mCUFO4lQi1hgyJOGCQRd6rQH2Fs2Rv1oJWKg0BsxNj3-rOSxnUfNT9KSO3TbS4yXLVzW_DzQCXpROMoW_zs0aXZDxrNVDIAcrKpKLMGXDgThDW4emmz3pY9Ll-9kx0o0fP-_Mfvix-AAf2iP581P6y5THsjvB3VbVjiwfsnV0Er5OdNoOIRdE9uE-f0G9w1n_oLRMYFi2ajmno-eMhFwEJzm-usdRAwFmrZJVlwp6yrXtcmPzlQ6TQLT6All29HGmimI7EKA.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 404 s93Ms4YcMOSsrI4amfsXM3F_IjTW0UvdaGcAGQqGKZDzEqK0Nd8Xi-DV9ZY5qOxwdqTRNw7D4kUhJGs8tl4dafUvjbecnzSlA_FvcbkEmnEMRysDVaBMPM1aZg0nl_JLzeZAfOCn65qoY7NgLdqIpJmeC0gnIbPpCDlrqUubPVYATEOr1dXjhMBTIjOqkrrRo66Jf...
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 70ms
70ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.cdn-telegram.org/file/s93Ms4YcMOSsrI4amfsXM3F_IjTW0UvdaGcAGQqGKZDzEqK0Nd8Xi-DV9ZY5qOxwdqTRNw7D4kUhJGs8tl4dafUvjbecnzSlA_FvcbkEmnEMRysDVaBMPM1aZg0nl_JLzeZAfOCn65qoY7NgLdqIpJmeC0gnIbPpCDlrqUubPVYATEOr1dXjhMBTIjOqkrrRo66JfVY5p18YG2eKt_JGei4eIW6DqfmPm6--mhgnwgsNobuza8MtcmLkbBMl3QTZwEKqp0DvK4JkToo2AWe0YY56JL0u-KVDBe0e4ih5BYrpM1L7vfj-erstJJ5x5sQ0BbRrYc2wqdiZVcoiRGZtcA.jpg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame 1FD3 11 KB
11 KB 32ms
32ms Font
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b14"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11028
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame 1FD3 11 KB
11 KB 63ms
63ms Font
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://hellsparadise.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b40"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11072
expires: Tue, 13 Feb 2024 16:14:31 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 119ms
47ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96469ec71636303e1b8e7ca9369b3fa55a2cf1712c9cb1a5b2064381522cae6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 09 Feb 2024 16:14:31 GMT

GET
H3 200 swiper.min.js Show response
hellsparadise.fr/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
36 KB 112ms
112ms Script
application/x-javascript 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/litespeed/js/0ea771f4d6c2e06d9a8a84d7ea8d429b.js?ver=aadde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"21f91-654c31db-3a0870;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1mz8kcgXrLRj01o5lBBJ6GBJGhgczi4uvtyV4XG%2Fpn7uzyfbRhjCrvWkitG6loSuYZMr%2BUiZfym5q4lxMGxxrw5T49JE6ATiL2zXfLyJQduq192uh3aarbixNkqCbyiSUck0b2%2B8D4HOlEB2XG1"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 852d67e8a89c046f-CDG
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 07:08:02 GMT

GET
H3 404 77f67bff50.ogg
cdn4.cdn-telegram.org/file/ Frame 1FD3 0
0 84ms
84ms Media
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.cdn-telegram.org/file/77f67bff50.ogg?token=kRHBKcC76MzJDW5QjWaaCp1vI1HGien00Xs9skHPOz83c73OkH9sveIgM2RgcMAryOz3s4xXSJoTXicz3gaO_-WdWCFb498fPRSjcAgRCjXkRpiLcE_7Orl5QJINkY_pk-Ir2nyRptHsaP-GeeQsBiC3q84yikDBAbZpPucansbikij4ttDA1K1WK3SzyvYJWZyJMOxKhTddWOVuVENING3_3_xLtcOXdpWphb1FzL7eHv5PfDI7jO64RILatJdHZ3QJNhqZUU7uB80dYRmVk1Kv9rjYPawMY7VuyEE0rC-jDKAOQOOEsvXyHSMoI0je2NiVYg2w9oXsFbkYvx7RkA
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hellsparadise.fr/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range: bytes=0-

Response headers

GET
H3

200

/ Show response
hellsparadise.fr/ Frame 1FD3
Redirect Chain

https://hellsparadise.fr/js/ogvjs/ogv-support.js
https://hellsparadise.fr/

121 KB
26 KB

70ms
70ms

Script
text/html

2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: dd419b9c1191bb2352b499c35a7cc4db0aba8a53400d89f165bf858b62dc1253

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
x-litespeed-cache: hit
x-dns-prefetch-control: on
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MsV3p1OGBS60kTjhmHRf4VLfrv9o8HuxXVzAPTHqYLT5AKuTTSBVFebec1UO5aT4cRuoQcjHS3vsvHEWgb3xtoKqTWgUd0uSDK6eg8RcK92v9%2BK%2FxUCOUbyf0BJ6zEl63nlqmAE%2FpG4SbhU7UCv"}],"group":"cf-nel","max_age":604800}
cf-ray: 852d67f888ba046f-CDG
link: <https://hellsparadise.fr/wp-json/>; rel="https://api.w.org/", <https://hellsparadise.fr/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json", <https://hellsparadise.fr/>; rel=shortlink
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 09 Feb 2024 16:14:34 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
x-redirect-by: Rank Math
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 963_HTTP.404,963_HTTP.301,963_404,963_URL.ebcbc9bb0175cdc101f5de011b686f75,963_
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtEm1ZBuRmGY2vsZFad0%2BgRO%2BpsqYdQE73OieJeIO7sMdh0u69xAhqY9%2BIpKFSdm8Hb%2BFMqUTF8TIMB8z573WbhSaTivaOXRIGfROP9jdO2el5p3Bh1ZixroBuojj8jrRItrQLUxJyPEkfV130JC"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://hellsparadise.fr
cache-control: max-age=14400, must-revalidate
cf-ray: 852d67e8c8af046f-CDG
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 pattern.svg
telegram.org/img/tgme/ Frame 1FD3 226 KB
81 KB 34ms
34ms Image
image/svg+xml 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/tgme/pattern.svg?1
Requested by: Host: telegram.org
URL: https://telegram.org/css/telegram-web.css?37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://telegram.org/css/telegram-web.css?37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
server: nginx/1.18.0
etag: W/"63b70e44-3891a"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=345600
expires: Tue, 13 Feb 2024 16:14:31 GMT

POST
H3 200 / Show response
hellsparadise.fr/v/ Frame 1FD3 4 B
645 B 2425ms
2425ms XHR
application/json 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellsparadise.fr/v/
Requested by: Host: telegram.org
URL: https://telegram.org/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: */*
Referer: https://hellsparadise.fr/wptelegram/widget/view/@mangascanvf/
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 09 Feb 2024 16:14:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
x-litespeed-cache-control: no-cache
x-litespeed-tag: 963_HTTP.404,963_HTTP.200
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbZWlGTP2JnnLn4aVY4rsAPRWXYpOGAay6LbuGp6VdONQJ7ZAbP65wOpYE35HVXHWDzeW0eLMG40dsrti9up8R9VFp7zQktoylTjdJQ2tmQSfNmrSgkejKIVi%2FbwSyTlHtHzAkznDQ0zK2Lyk1mp"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 852d67e8f8d2046f-CDG
link: <https://hellsparadise.fr/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 W2s8HQOSOCE-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 24 KB
24 KB 108ms
107ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/W2s8HQOSOCE-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af056f40e2c0da7a8dad50ebc677a6990ea9b201ff8e403d32ca719f9f5b1ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5fa0-654c31f7-3c1017;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7z3BlGrrAYtnrNmKTIlV%2B9M44NqzKkEZPlK22Hl6o9%2BQv6ouhCS1SPZ73YtLqGgRQ7QCbrNGV82ywxSp94wlmgMxp5OWP03CGEmVHhkXD2RIL7fLf9llgda6OmYHOUhNEunQsiRoYO79cy5I59W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e9794c046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 24480
expires: Sun, 28 Jan 2024 07:08:03 GMT

GET
H3 200 5qGAWA4B6Ic-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 18 KB
19 KB 106ms
104ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/5qGAWA4B6Ic-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b2d7d178bf05f5cf095e6cffce46e3cf3f2f2098f2ea37294d47727742bf5f1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "49af-654c31f7-3c1018;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRFcEoPq8odXOBBLFCxbe%2BpYfUmjo%2B%2FV0XzI1AOiB5vxs%2B6%2FXG7wkp45B3bOyRG6c50CjtRvuRO0viQGZyN49aU2xntmwrfTgh8f4GMi7UQHo6Fwis1vAOArPnfFV7JyonSMsLdfubvZENlo7EaU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e9794f046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 18863
expires: Sun, 28 Jan 2024 07:08:03 GMT

GET
H3 200 1hzATAqg1s4-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 27 KB
28 KB 70ms
69ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/1hzATAqg1s4-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfcc42d9e0bf09f47a1021e19a293c28f96cb3bf3aeedf4cfaf5b73c0bd9d0a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6c74-654c31f7-3c1019;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYkDQcFbZG%2F9GU232Z8ZyA%2B%2FA3%2FIxXbqXhFVG8GJ%2BwvyBqdK1hLsYHkdrGF8NNDOK%2FyzR5KtTYL6DJwND5EdctM9s%2BSF0G6rwmyk84OqpDc6ChKYzdpZnEBLluKIc28MzN3ASFdLids9OLQK9Kfs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e97952046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 27764
expires: Wed, 07 Feb 2024 21:14:16 GMT

GET
H3 200 LYYuz8TPSbQ-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 21 KB
22 KB 109ms
108ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/LYYuz8TPSbQ-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d045be463a5bcbe31693583227c05198ef9ef38bcd09a61f42eb6e571f8c7f4a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "547d-654c31f7-3c101a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J5Nand%2F26lftOwuuoBVMh0G%2FH89JNQwVbECLqWvd4RFxJ3pq3MTnrhBh9f4t6a9I2zCH5pxE%2BW9hND0CEXNeBMFGu6uIES5es02SL7OUgOWlV6beFAq5hZeLmHRTp%2Bf0gyfOhM0oYeCOgDjrRB9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e97953046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 21629
expires: Thu, 08 Feb 2024 20:15:15 GMT

GET
H3 200 dOrWxo1KvoI-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 23 KB
24 KB 33ms
32ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/dOrWxo1KvoI-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5762a1c9d3eaf77cf5b9af2cc62b308751ee2fb55455825908521cc527abb1fe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17279
alt-svc: h3=":443"; ma=86400
content-length: 23718
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
server: cloudflare
etag: "5ca6-654c31f7-3c101b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipe7CP2gI708E7e0EFdmSmL3hQ8a%2FfUKqh2%2FSNq19LY%2BOm%2BOexBdWIfub8f6a%2FOOKk3L0hfixcCsJFZs5F%2Fa3QlVGCxr2%2Bsf3A7w1gJh5mTv%2Bm37jigwM43840Yj0b0rRkfofSpXefAkBe9j%2FESU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e97955046f-CDG
expires: Fri, 09 Feb 2024 23:26:32 GMT

GET
H3 200 umf98w3P2o-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 29 KB
29 KB 108ms
106ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/umf98w3P2o-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba23813e149b11e8c95321695c5a20be132e8176007b2a2209230c1a90bda1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "72e8-654c31f7-3c101c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8GZLzqek5DxrbqGRzYINGgZvxjpRu2%2Bbpf260WUucIy0bgF9Vz0eDzRWxPBGHrjapJH%2F9o9XgWa802sXxei1OmLpC1OqTXoVKjNs3ee5X6HaVAXN8fQ353fA42vAPh3zSgf64C3arh6bpMATtSx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e97956046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 29416
expires: Wed, 07 Feb 2024 21:14:16 GMT

GET
H3 200 kSz8_eIVRkk-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 13 KB
14 KB 108ms
107ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/kSz8_eIVRkk-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a563fdfb3ca938d84f7c27a40a83eb5d66bca739ef95bda12f692a420a69e8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "356e-654c31f7-3c1022;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmvQpwEpdfp7ZqmwPQs3k4%2F6YBWDWBaTXby89b0qM0HSLhLzzGaH%2BIPF0hKnXA603xcL9AsE8GJd%2B%2BQWfsqgINdUWLF1An5p9XbFSCCxuKr%2BKDHbGzWR64HRjJJF5RPY8ADchjAY%2BlWAqngV4ZbV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e97957046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 13678
expires: Wed, 07 Feb 2024 21:14:16 GMT

GET
H3 200 P_s9O4Zb7zI-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 24 KB
25 KB 30ms
29ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/P_s9O4Zb7zI-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad3a1f86a57f02306ab81ecca4ce0e122488a8039aaadbd2eebec2fe7225b10

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17279
alt-svc: h3=":443"; ma=86400
content-length: 24815
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
server: cloudflare
etag: "60ef-654c31f7-3c1023;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkmioAB8CiB3hCfQikF8%2BMH5Tnv%2FCkF%2FgHn6UeDP2IIiA5gJ15pnUnGvJY5hRZTr9aSLc0dZufGCtJliuvql3X4XyG5kmpfVTOqac6HHo83AXZXi5Zp%2FiSFPOu2ELJO%2F%2FCY%2FUMns%2B6ipoTCUyIjf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e97958046f-CDG
expires: Fri, 09 Feb 2024 23:26:32 GMT

GET
H3 200 JUMBDlcngHM-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 14 KB
15 KB 125ms
124ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/JUMBDlcngHM-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608453b1fc48dcaf65fd41462ebade486ce27d6557fc8da33810f029653a5bd4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3858-654c31f7-3c1024;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l857X35UG%2BHfU1yTPq4T1EoIb38O60%2BBYYqSPhlW31gnD1ScmWu4g%2B0ULX%2FazzlrONjObGvtBONTP%2BkccNYVqsnjPlFyw%2BB1YHgui98wDrFTj9bZd415dQlWyy9eOS45VVmBaA36ze%2FuWAaZm3Tg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67e9795a046f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 14424
expires: Thu, 08 Feb 2024 20:15:15 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5e928255/www-widgetapi.vflset/ 216 KB
67 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266a29bf57b54d51f7289747197132d43179b4f024d61069dbaea01da8012d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68548
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Feb 2025 16:02:37 GMT

GET
H3 200 NvQUhdysL5E Show response
www.youtube.com/embed/ Frame EFC3 93 KB
40 KB 176ms
176ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1b2ec65d532e8b8f060da014e25d63cfad770a9363a2368cf7bf975b29eff5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 16:14:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/5e928255/ Frame EFC3 361 KB
47 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fade87adb180b7d137c67f5c200574f11fb934a71d95b591eb40a26539a1e769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47709
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Feb 2025 12:25:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFC3 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 384162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFC3 15 KB
15 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 284718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:09:14 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5e928255/www-embed-player.vflset/ Frame EFC3 319 KB
95 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

426e7b6570795bc7db0f653c34b536c2a5d266d08b225a12a874e43097c33063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97419
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Feb 2025 15:48:30 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/ Frame EFC3 2 MB
776 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdc5e626d9abe6a336afe792f9d76d12008aeab4fc77db1a7b4c1a2805ae640e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794699
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Feb 2025 23:56:45 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 165 KB
56 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/reactive_library_fy2021.js?bust=31080933

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fece26c018b63bf148b9c071d9e4897b8a0545c916cc78969d46468c3ea25787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57136
x-xss-protection: 0
server: cafe
etag: 7535267723361554543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H2 200 ca-pub-1964074509604129 Show response
fundingchoicesmessages.google.com/i/ 23 KB
11 KB 118ms
53ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1964074509604129?ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e279cb1b5d68d238e62b805f61843b889cf1378723681938b313ab9121d59b98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MLwNw9uPfpbuO-5OlhuPbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-MLwNw9uPfpbuO-5OlhuPbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsOoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWIiH48W8mevYBFYcefaFEQCmj08A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame EFC3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

34ms
33ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329285bbcb50dfbfacf8ebd813907a9bdbceaa0873b8486c927ee808fec19e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EFC3 29 B
495 B 85ms
25ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:06:55 GMT
x-content-type-options: nosniff
age: 457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 16:21:55 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 96ms
35ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 09 Feb 2024 16:14:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EFC3 87 KB
40 KB 44ms
43ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0e129d8048571c66da7f2de8cddaffccc2692f10f28a4e8179914ee9c061db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40811
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame EFC3 72 KB
31 KB 192ms
192ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a59cb35eb7031decd7e7d9076fb47d3fb2f7abb5ce97acb78751c0f6f6aabcaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240205.00.00
X-Goog-Visitor-Id: CgtqYXZSWkpHWGo0cyjonpmuBjIOCgJGUhIIEgQSAgsMIF8%3D

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31989
x-xss-protection: 0
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H2 200 GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js Show response
www.google.com/js/th/ Frame EFC3 51 KB
20 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a645a86349fdc96c32c9ffc76b946bb32e7fac7a606c9cc3a94cb7c478f2822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19865
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 23:55:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/ Frame EFC3 54 KB
17 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b66d8131b636653251f7307ab40d4dacd3799230fdb169b8a1b61f29a39eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17050
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Feb 2025 23:56:47 GMT

GET
DATA 200
OK truncated
/ Frame EFC3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skuSlzNKMXm160sEtdGaQAjw51MJ5FYLe4PUjo337lMLfyz36SGbUX1Rz2MQXnUNpAdJus_GXg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame EFC3 3 KB
3 KB 86ms
25ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/skuSlzNKMXm160sEtdGaQAjw51MJ5FYLe4PUjo337lMLfyz36SGbUX1Rz2MQXnUNpAdJus_GXg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

47d5d4703c36b08f2e396243efeba9dc2337776810abc9335c99eb7826ef0ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 14:11:00 GMT
x-content-type-options: nosniff
age: 7412
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3151
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:11:00 GMT

GET
DATA 200
OK truncated
/ Frame EFC3 333 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6ade95b8ded382a6867f5bf483f5effc45e34b1ea69382b9f408f3a57fb0606

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame A6B9 9 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 42602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 04:24:30 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 04:24:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame 1A82 9 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 42602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 04:24:30 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 04:24:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame CB23 9 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 42602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 04:24:30 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 04:24:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame 6E6A 9 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 42602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 04:24:30 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 04:24:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame A6B9 5 KB
694 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 15:27:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A6B9 205 B
518 B 115ms
55ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:57:28 GMT
x-content-type-options: nosniff
age: 8224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Feb 2025 13:57:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A6B9 604 B
696 B 116ms
56ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:16:06 GMT
x-content-type-options: nosniff
age: 143906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 07 Feb 2025 00:16:06 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame A6B9 16 KB
7 KB 125ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:47:02 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame A6B9 22 KB
9 KB 120ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:47:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1A82 2 KB
589 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c162014c40274a84cbce7373aca4aadecd99078a3d274668e812e3244a8da01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 15:32:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1A82 2 KB
856 B 133ms
83ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 1A82 23 KB
9 KB 126ms
76ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1A82 3 KB
1 KB 130ms
81ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1A82 20 KB
8 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1A82 205 KB
62 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:19:17 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 1A82 37 KB
15 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 May 2024 00:15:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CB23 2 KB
589 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c162014c40274a84cbce7373aca4aadecd99078a3d274668e812e3244a8da01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 16:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame CB23 2 KB
875 B 102ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame CB23 23 KB
9 KB 110ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame CB23 3 KB
1 KB 121ms
80ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame CB23 20 KB
8 KB 71ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CB23 205 KB
62 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:19:17 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame CB23 37 KB
16 KB 68ms
27ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 May 2024 00:15:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2941 0
20 B 64ms
64ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDTgY8DEP-Ume4DGMTS3oUCMAE&v=APEucNX194-ddY-aR_QhXgWAxd3nMLq1nyPw5dO38Jyjr2lWbjvOLm_nr0Ugw2KXkRUPf41-Nb1MHxWUk47ytfb-lYYp6oL_Ig

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 16:14:32 GMT
expires: Fri, 09 Feb 2024 16:14:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame A2C1 23 KB
9 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 02:00:25 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame A2C1 8 KB
3 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 02:59:39 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame A2C1 0
0 146ms
71ms Fetch
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvSx257H0L0l9_J8AgCX2wi6kxiCZIjgLGZ6CVqwVOTtfGSwZ2d_FCYzOHgO2Nhf45ZLDkPvTgS_uJT8pjr1S0WazqledT9_r3f-KK5KZMIUSHfSkBtA23lEpHoErTSj2MI-ka0iP3X8rSgCcrFt_mQqZl5B7J8ksNmRdAHlJ1ziQ5s4gM9OniJa0JQqN2xIwd4amxiLSiOJXKLKbRsQIjieRZ5DsHLfN62vH6EQT2yDVztlkLvnNlsCrVNeCYl5q4Zjt7pUh-KY6M2Bbd3D3XTMIKY433fLvbrrpHq38xED5LeQJy2BfXyk_nDTJK3hb2XvAHOlBK1G2rmNCoyjHIeF_Uny5t7H0V8a3eB20LRKpgSwDQQtKkuakTEIf4l-tImi4Nf3J7M7i6pWD6tep-Kj5vPH1xrhi9pNlSIUMlQPiiJT5anSgahra__rtaVIUDECxbUvC-XAmI8vNjmTqv8PZoF88-o_oBS8ETLYSnoSCVp6DlmqbjI3HFnAKf5qmuCWEVXeWu3j131aDO6tOgd2fLjBOhDuPBafRF0p20BaRCJ2t827F-d-13PRwCLzQYmSQ2aJkLan_YyNjicjxsVGyRH-VSrgJ7HMwkhinZ9umWesZy-K-yq8J6kqwIUah3P-LIWzis185YopWPtsYuj02CucvLv78gFNpvdHJuCpqzlsryCTRdWnXMmY5g5EsHD711sPrN1QDByKbfxmf-0Mo97NF81W3zsbg5wPB2CB2xyqQw1zNh7OBwLVJbC6dRdTTz026MNic29fKA8ZHs8lbErRR1_NOG9zCr8eRtLK15bZvbtgYpWyIzm0dYcI4M083l6nhZA99vDtpNhm6Uv6btV_bUsbApPSW9ZxP6RHKTG3PoofR4Y0cORe2goAlwnorFq0VA86zq6giWPcP0IQiHV3MogsvHhxkvP5G8f-f52-7ELcWwN95dFUHXaLHjBvcs1THUNUQTPkUMeBFJCdy_5k2arktu87cBDpSi_6XVNOMGY71TNNa6e1iLIC-OxC-ksITWq4VPXamTxGyX19R2B1KHmLm_fyTJIsgdcsHEM0uKJMmAcuhqo1IqbE4yvmgNG2tw7c_PAUF73mMK44PGVHnI7--q4XM-LTTGg7Lgr-DxTsXLoeqYtE01KHT0RUUqpFiMcUkIpLdRu6klBI3iZ7FtVS3RJmIliO1SyOzCbV-Rdwkz1mm22mHe2LGnWsAm281JsuzSoT-idxtk2PWtqCu7an4lJOShIIPJiJ3UB_DiMPMAau09eW7TfJyr3ZgUu8047IA&sai=AMfl-YSs4MJ4nM1AjryN3teaA8OV6ZAVLlfBW2vromLktEgbpKdEjQ0nXkV0XBxVXmpU-bXsbsIuBVhh5zrzEOgpuC6_qVCOYDTUVy5APN23zWSzwBM0jIsGvI3M_VovQZ5SAuRSTg1ocnIjZSzW9p89V-Fk11OK42pbhlA3Xlb1RNFG8vM_Qe3Yus4Nl2Tch0rTjxPh43OisuhDVFwwjHBWSoWZ5z44o-zEMJToazVDKsPJj95HTMRG7D_JvtZrcgels4-EL3CON7rRtCYE6V8nVfRfWmsHUx8MRlFtffZu2w9MH3GWNeTuwbSukH7JkbZ3V1GynrIYkeMXYH3hNuNv77NYXuaag0i1a935H_C6juVYk4iVhdc2s2Pp7hqaycmG3F7ga3vvJs3yxmQo0XaZ8rTkXMF2IIRI04yE491O-eYZDv0uPDyXQNV56Xo75KTkCe3WYDf0h_viYGhb6malYGNpcTvgRFtGaWnDhiSSqUKqjegqhPXteLtzZl3Ctj7YhWiTcD0RMmnidw&sig=Cg0ArKJSzHUeVvLMPIsqEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qdWxpZW5kb3JjZWwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240207.47758&arae=0&ftch=1&adurl=

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A2C1 41 KB
14 KB 74ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:14:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame A2C1 3 KB
1 KB 73ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame A2C1 20 KB
9 KB 48ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A2C1 205 KB
62 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:19:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2C1 42 B
63 B 59ms
59ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIc_4tSUfl5J9JQn0x8Wd-ZexN9qV0CuksJhKqfd44Ucpw98gukv-8TECAfTfSRLaLFMa1H-a0gBeZ9qmjuRU78s6G1-ToLc389assMIMItmKOZ2s

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17804223220300984818
s0.2mdn.net/simgad/ Frame A2C1 63 KB
63 KB 136ms
69ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17804223220300984818

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba805b291bd04df24c121809a3dc451a853acf5c18ce8b1023a10c4cbe6d98c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64317
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 16:39:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Feb 2025 16:14:32 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 35ms
35ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 09 Feb 2024 16:14:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EFC3 90 B
134 B 37ms
36ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

157935bcba91d5b1932ca72b59a7d6d568185d251f523d68b352dc83246f8c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame EFC3 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?O457Dg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame EFC3 0
19 B 34ms
34ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&cpn=8pr6UQh5fYnO8aS7&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C19571%2C15659%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C2697%2C8128%2C16149%2C9954%2C5284%2C1172%2C4985%2C10159%2C6088%2C1598%2C3460%2C567%2C1341%2C2%2C1153%2C1413%2C2129%2C1009%2C1865%2C1127&cl=604501355&seq=1&docid=NvQUhdysL5E&ei=aE_GZbPnIIG1i9oPj42e0AI&event=streamingstats&plid=AAYQ9TkunP2_gyYX&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNvQUhdysL5E%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D0%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fhellsparadise.fr%26widgetid%3D1&qclc=ChA4cHI2VVFoNWZZbk84YVM3EAE&embargoed=0&cbr=Chrome&cbrver=121.0.6167.160&c=WEB_EMBEDDED_PLAYER&cver=1.20240205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.005:B,0.257:B,0.257:B&cat=streaming&cmt=0.005:0.000,0.257:0.000&vfs=0.257:244:244::r&view=0.257:778:438&bwe=0.257:130000&bat=0.257:1:1&vis=0.257:0&bh=0.257:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
X-YouTube-Client-Version: 1.20240205.00.00
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtqYXZSWkpHWGo0cyjonpmuBjIOCgJGUhIIEgQSAgsMIF8%3D
X-YouTube-Ad-Signals: dt=1707495272474&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C778%2C438&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-apaapm4g-apae.googlevideo.com/ Frame EFC3 158 KB
159 KB 83ms
34ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::d
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1707516872&ei=aE_GZbPnIIG1i9oPj42e0AI&ip=2001%3A41d0%3Ad%3A364d%3A%3A7&id=o-AGQTc11hCqxlvXbaicLy6n3GU-hTfsHMRhLOczEHkRU8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=my&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5e6nsk&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=45&gcr=fr&initcwndbps=1221250&spc=UWF9f_G4RbCUqfhmIc0vTQJsl9dL7OiW5DRVGVWQflhN36A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=qJzmV93TLfsLHHepaDUuEfwQ&gir=yes&clen=3589236&dur=82.290&lmt=1668852386129437&mt=1707494472&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6319224&n=c3E31G7z2gM1pQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cgcr%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhANfuu2vcgQKAf6GX5m1KT7Fviu54VWn7V9aE353GD7goAiBKa8AK74ax_RRPyuhxVgtTlui4lkvqp38vRhZpxbGfuA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRAIgDYDXKMSrnHeTbaSXHkSyjxcguLsBYD982YQ588FOmNUCIHiEJC4uvsHlwS3mtG7GFL0M3qDfYe-aSHEJrXKheSfI&alr=yes&cpn=8pr6UQh5fYnO8aS7&cver=1.20240205.00.00&range=0-161976&rn=1&rbuf=0&pot=IjpGVUZTI5MJPQUyMiQfDRwGET42HRESKWUlLCw6KCUrIAQ_DxoFMgwSEz0PHAMyFwYHMjUYDxN-cHUR&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1e46e564822b1ba69c2834338cb9da7d4553ffc334c7d5126ebe42231bfcd417

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 16:14:32 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sat, 19 Nov 2022 10:06:26 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 09 Feb 2024 16:14:32 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-apaapm4g-apae.googlevideo.com/ Frame EFC3 64 KB
65 KB 79ms
33ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::d
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1707516872&ei=aE_GZbPnIIG1i9oPj42e0AI&ip=2001%3A41d0%3Ad%3A364d%3A%3A7&id=o-AGQTc11hCqxlvXbaicLy6n3GU-hTfsHMRhLOczEHkRU8&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=my&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5e6nsk&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=45&gcr=fr&initcwndbps=1221250&spc=UWF9f_G4RbCUqfhmIc0vTQJsl9dL7OiW5DRVGVWQflhN36A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=qJzmV93TLfsLHHepaDUuEfwQ&gir=yes&clen=1319945&dur=82.321&lmt=1668852377650322&mt=1707494472&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6318224&n=c3E31G7z2gM1pQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cgcr%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhAI1o-mtI5htD4eiRjXjDpAD95Hm4liW5mVEgt292WIdnAiEA97jTz0Ki_jkOQeRogvuDjP16odKkwomx06zTNWHK9lI%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRAIgDYDXKMSrnHeTbaSXHkSyjxcguLsBYD982YQ588FOmNUCIHiEJC4uvsHlwS3mtG7GFL0M3qDfYe-aSHEJrXKheSfI&alr=yes&cpn=8pr6UQh5fYnO8aS7&cver=1.20240205.00.00&range=0-65944&rn=2&rbuf=0&pot=Ijou4C7mSyZhiG2HWpF3uHSzeYteqHmnQdBNmUSPQJBDlWyKZ69th2Sne4hnqWuHf7Nvh12tZ6YWxR2k&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1e71437eebb207dec331a3234f28060fdf710dcc2fe418289362d7d0d3a5e565

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 16:14:32 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sat, 19 Nov 2022 10:06:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/ Frame EFC3 118 KB
33 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e5778354d31168a2071ee37cd337912b5956fa0ef5601b3ee2b23e48ac54bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33973
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Feb 2025 00:06:58 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/ Frame EFC3 34 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3139bb5abfd35fbbf42029e768d755eebd207a5c78045e32e03b9e61bba79e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:57:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8429
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Feb 2025 23:57:23 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/ Frame EFC3 69 KB
19 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbd779bd5b62d4b7cb442a031cec56ccf73d6cc1f10559b73e73c245e5aaca49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18986
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Feb 2025 23:20:36 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame EFC3 34 KB
5 KB 355ms
354ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9d0ef679dd984069d7f531a017a54fb7b9411ee3d989052e5abe07477226e00c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240205.00.00
X-Goog-Visitor-Id: CgtqYXZSWkpHWGo0cyjonpmuBjIOCgJGUhIIEgQSAgsMIF8%3D

Response headers

date: Fri, 09 Feb 2024 16:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5569
x-xss-protection: 0
expires: Fri, 09 Feb 2024 16:14:33 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/NvQUhdysL5E/ Frame EFC3 44 KB
44 KB 95ms
35ms Image
image/webp 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/NvQUhdysL5E/maxresdefault.webp

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca8e47dbdfac00ad9171d98b3d3ef1c06ead831de6f98bf04ccdb445810d742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
server: sffe
etag: "1668852969"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45004
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Feb 2024 18:14:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E19C 14 KB
1 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 15:13:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame E19C 2 KB
856 B 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame E19C 23 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74C2 143 B
166 B 31ms
31ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 15:38:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame E19C 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame E19C 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E19C 205 KB
62 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 16:19:17 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame E19C 37 KB
15 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 May 2024 00:15:44 GMT

GET
DATA 200
OK truncated
/ Frame A2C1 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a63aba3a6a913d21a6643f66ac22f75a0b3f765d835c7d47bb3b8f00c79d80f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame A2C1 0
0 61ms
61ms Fetch
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvSx257H0L0l9_J8AgCX2wi6kxiCZIjgLGZ6CVqwVOTtfGSwZ2d_FCYzOHgO2Nhf45ZLDkPvTgS_uJT8pjr1S0WazqledT9_r3f-KK5KZMIUSHfSkBtA23lEpHoErTSj2MI-ka0iP3X8rSgCcrFt_mQqZl5B7J8ksNmRdAHlJ1ziQ5s4gM9OniJa0JQqN2xIwd4amxiLSiOJXKLKbRsQIjieRZ5DsHLfN62vH6EQT2yDVztlkLvnNlsCrVNeCYl5q4Zjt7pUh-KY6M2Bbd3D3XTMIKY433fLvbrrpHq38xED5LeQJy2BfXyk_nDTJK3hb2XvAHOlBK1G2rmNCoyjHIeF_Uny5t7H0V8a3eB20LRKpgSwDQQtKkuakTEIf4l-tImi4Nf3J7M7i6pWD6tep-Kj5vPH1xrhi9pNlSIUMlQPiiJT5anSgahra__rtaVIUDECxbUvC-XAmI8vNjmTqv8PZoF88-o_oBS8ETLYSnoSCVp6DlmqbjI3HFnAKf5qmuCWEVXeWu3j131aDO6tOgd2fLjBOhDuPBafRF0p20BaRCJ2t827F-d-13PRwCLzQYmSQ2aJkLan_YyNjicjxsVGyRH-VSrgJ7HMwkhinZ9umWesZy-K-yq8J6kqwIUah3P-LIWzis185YopWPtsYuj02CucvLv78gFNpvdHJuCpqzlsryCTRdWnXMmY5g5EsHD711sPrN1QDByKbfxmf-0Mo97NF81W3zsbg5wPB2CB2xyqQw1zNh7OBwLVJbC6dRdTTz026MNic29fKA8ZHs8lbErRR1_NOG9zCr8eRtLK15bZvbtgYpWyIzm0dYcI4M083l6nhZA99vDtpNhm6Uv6btV_bUsbApPSW9ZxP6RHKTG3PoofR4Y0cORe2goAlwnorFq0VA86zq6giWPcP0IQiHV3MogsvHhxkvP5G8f-f52-7ELcWwN95dFUHXaLHjBvcs1THUNUQTPkUMeBFJCdy_5k2arktu87cBDpSi_6XVNOMGY71TNNa6e1iLIC-OxC-ksITWq4VPXamTxGyX19R2B1KHmLm_fyTJIsgdcsHEM0uKJMmAcuhqo1IqbE4yvmgNG2tw7c_PAUF73mMK44PGVHnI7--q4XM-LTTGg7Lgr-DxTsXLoeqYtE01KHT0RUUqpFiMcUkIpLdRu6klBI3iZ7FtVS3RJmIliO1SyOzCbV-Rdwkz1mm22mHe2LGnWsAm281JsuzSoT-idxtk2PWtqCu7an4lJOShIIPJiJ3UB_DiMPMAau09eW7TfJyr3ZgUu8047IA&sai=AMfl-YSs4MJ4nM1AjryN3teaA8OV6ZAVLlfBW2vromLktEgbpKdEjQ0nXkV0XBxVXmpU-bXsbsIuBVhh5zrzEOgpuC6_qVCOYDTUVy5APN23zWSzwBM0jIsGvI3M_VovQZ5SAuRSTg1ocnIjZSzW9p89V-Fk11OK42pbhlA3Xlb1RNFG8vM_Qe3Yus4Nl2Tch0rTjxPh43OisuhDVFwwjHBWSoWZ5z44o-zEMJToazVDKsPJj95HTMRG7D_JvtZrcgels4-EL3CON7rRtCYE6V8nVfRfWmsHUx8MRlFtffZu2w9MH3GWNeTuwbSukH7JkbZ3V1GynrIYkeMXYH3hNuNv77NYXuaag0i1a935H_C6juVYk4iVhdc2s2Pp7hqaycmG3F7ga3vvJs3yxmQo0XaZ8rTkXMF2IIRI04yE491O-eYZDv0uPDyXQNV56Xo75KTkCe3WYDf0h_viYGhb6malYGNpcTvgRFtGaWnDhiSSqUKqjegqhPXteLtzZl3Ctj7YhWiTcD0RMmnidw&sig=Cg0ArKJSzHUeVvLMPIsqEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qdWxpZW5kb3JjZWwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=235&vt=11&dtpt=234&dett=2&cstd=0&cisv=r20240207.47758&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 16:14:32 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame EA5A 38 KB
13 KB 26ms
26ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 144083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 00:13:09 GMT
expires: Fri, 07 Feb 2025 00:13:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EFC3 4 KB
2 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 16:14:33 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/f2L21tpe1P-Y4QjOXkCIvQ/ Frame EFC3 5 KB
5 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/f2L21tpe1P-Y4QjOXkCIvQ/featured_channel.jpg?v=59e0e784

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca01abb5fd7affc3688964cba2b72de46248ce7271d2248e8cd20969394b9dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:55:33 GMT
x-content-type-options: nosniff
age: 1140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4919
x-xss-protection: 0
server: sffe
etag: "1507911556"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Feb 2024 17:55:33 GMT

POST
H3 200 videoplayback Show response
rr2---sn-apaapm4g-apae.googlevideo.com/ Frame EFC3 64 KB
64 KB 46ms
22ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::d
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1707516872&ei=aE_GZbPnIIG1i9oPj42e0AI&ip=2001%3A41d0%3Ad%3A364d%3A%3A7&id=o-AGQTc11hCqxlvXbaicLy6n3GU-hTfsHMRhLOczEHkRU8&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=my&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5e6nsk&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=45&gcr=fr&initcwndbps=1221250&spc=UWF9f_G4RbCUqfhmIc0vTQJsl9dL7OiW5DRVGVWQflhN36A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=qJzmV93TLfsLHHepaDUuEfwQ&gir=yes&clen=1319945&dur=82.321&lmt=1668852377650322&mt=1707494472&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6318224&n=c3E31G7z2gM1pQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cgcr%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhAI1o-mtI5htD4eiRjXjDpAD95Hm4liW5mVEgt292WIdnAiEA97jTz0Ki_jkOQeRogvuDjP16odKkwomx06zTNWHK9lI%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRAIgDYDXKMSrnHeTbaSXHkSyjxcguLsBYD982YQ588FOmNUCIHiEJC4uvsHlwS3mtG7GFL0M3qDfYe-aSHEJrXKheSfI&alr=yes&cpn=8pr6UQh5fYnO8aS7&cver=1.20240205.00.00&range=65945-131480&rn=3&rbuf=4325&pot=MnaicOuXqDd9OaJIYlLrjCOtx8EIyIKDssjLNFdYwUTWe00__RjJlE9AILQhHHgH2aPA2TP8y6JTnVi_spKSRb7vVkqrjxXjVOoiPNlD7MVMbtuRfpsctoOJh46Z08lP8SpAfiBks7U8yYRklq5HhcNWD9YFRaNE&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f970cf2db1582b7214f2ddc7a2faaca8de19c409a322d5aaf44ea97fa98b9d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 09 Feb 2024 16:14:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 19 Nov 2022 10:06:17 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 09 Feb 2024 16:14:33 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
35ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 16:14:33 GMT
expires: Fri, 09 Feb 2024 16:14:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 16:14:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A13 51 KB
19 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:18:17 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EFC3 28 B
54 B 41ms
39ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-Goog-Request-Time: 1707495273052
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
X-YouTube-Client-Version: 1.20240205.00.00
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtqYXZSWkpHWGo0cyjonpmuBjIOCgJGUhIIEgQSAgsMIF8%3D
X-YouTube-Ad-Signals: dt=1707495272399&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C778%2C438&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 09 Feb 2024 16:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 09 Feb 2024 16:14:33 GMT

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CBE 51 KB
19 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:18:17 GMT

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame EE67 51 KB
19 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:18:17 GMT

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/NvQUhdysL5E/ Frame EFC3 44 KB
44 KB 28ms
28ms Image
image/webp 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/NvQUhdysL5E/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca8e47dbdfac00ad9171d98b3d3ef1c06ead831de6f98bf04ccdb445810d742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45004
x-xss-protection: 0
server: sffe
etag: "1668852969"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Feb 2024 18:14:32 GMT

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame EA5A 51 KB
19 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:18:17 GMT

POST
H3 200 videoplayback Show response
rr2---sn-apaapm4g-apae.googlevideo.com/ Frame EFC3 142 KB
142 KB 22ms
22ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::d
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1707516872&ei=aE_GZbPnIIG1i9oPj42e0AI&ip=2001%3A41d0%3Ad%3A364d%3A%3A7&id=o-AGQTc11hCqxlvXbaicLy6n3GU-hTfsHMRhLOczEHkRU8&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=my&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5e6nsk&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=45&gcr=fr&initcwndbps=1221250&spc=UWF9f_G4RbCUqfhmIc0vTQJsl9dL7OiW5DRVGVWQflhN36A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=qJzmV93TLfsLHHepaDUuEfwQ&gir=yes&clen=1319945&dur=82.321&lmt=1668852377650322&mt=1707494472&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6318224&n=c3E31G7z2gM1pQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cgcr%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhAI1o-mtI5htD4eiRjXjDpAD95Hm4liW5mVEgt292WIdnAiEA97jTz0Ki_jkOQeRogvuDjP16odKkwomx06zTNWHK9lI%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRAIgDYDXKMSrnHeTbaSXHkSyjxcguLsBYD982YQ588FOmNUCIHiEJC4uvsHlwS3mtG7GFL0M3qDfYe-aSHEJrXKheSfI&alr=yes&cpn=8pr6UQh5fYnO8aS7&cver=1.20240205.00.00&range=131481-277258&rn=4&rbuf=8649&pot=MnaicOuXqDd9OaJIYlLrjCOtx8EIyIKDssjLNFdYwUTWe00__RjJlE9AILQhHHgH2aPA2TP8y6JTnVi_spKSRb7vVkqrjxXjVOoiPNlD7MVMbtuRfpsctoOJh46Z08lP8SpAfiBks7U8yYRklq5HhcNWD9YFRaNE&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ee8ca59fb3e6fbf2ed1ad741ef146aa10bf0f824cfd318c9e992654e84d9f5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 09 Feb 2024 16:14:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 19 Nov 2022 10:06:17 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 09 Feb 2024 16:14:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/121/ Frame EFC3 50 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/121/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 16:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 10 Feb 2024 00:08:23 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EFC3 28 B
54 B 42ms
38ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-Goog-Request-Time: 1707495273077
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
X-YouTube-Client-Version: 1.20240205.00.00
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtqYXZSWkpHWGo0cyjonpmuBjIOCgJGUhIIEgQSAgsMIF8%3D
X-YouTube-Ad-Signals: dt=1707495272399&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C778%2C438&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 09 Feb 2024 16:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 09 Feb 2024 16:14:33 GMT

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/NvQUhdysL5E/ Frame EFC3 44 KB
44 KB 26ms
26ms Image
image/webp 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/NvQUhdysL5E/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca8e47dbdfac00ad9171d98b3d3ef1c06ead831de6f98bf04ccdb445810d742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:32 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45004
x-xss-protection: 0
server: sffe
etag: "1668852969"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Feb 2024 18:14:32 GMT

GET
H2 200 skuSlzNKMXm160sEtdGaQAjw51MJ5FYLe4PUjo337lMLfyz36SGbUX1Rz2MQXnUNpAdJus_GXg=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame EFC3 4 KB
4 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/skuSlzNKMXm160sEtdGaQAjw51MJ5FYLe4PUjo337lMLfyz36SGbUX1Rz2MQXnUNpAdJus_GXg=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c66f569b515c502da7cfcaee815130d2afa0c9afe11e0ae320684085926db1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 14:53:11 GMT
x-content-type-options: nosniff
age: 4882
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4235
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:53:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA5A 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_hfVZ0_GZaGrMs6ji9YPlfC0qAQAAAAAOAHgBAI&bg=!oKOlo-zNAAY9UbWqHVE7ADQBe5WfOIJNBn0dYwbUW-dC6wp9YdM797jbI3tm0UQItHlUxlYwh6ee4k4ng7EP62mz-r1cAgAAAEpSAAAAAmgBB5kDDI0kuIaL6Rjy4Ia50ExIjK0-U8Xx3f50CFv55Ky3f15yyDbm3q5AG3Y1Yy3HUVO2JV1GiiiMUFsjcEeYKUplZlhsOM38skrV8vN4yjAqpDplY0B4OnoE6uA4xcTLmpcDVVqF7rSZYV53nCiVRNch7S92rKnzRNIxxI4TfOGxtWf3INYqo7pTEwEXKwzJjiZFyqpQcKp8ndvTPijh4boigLqD4TMSq_CEYvjT_TpsFM56E1DqAxeTpS3Jy6cYJHwf5g_QHh7OD5rAt4US3O8EfpmItqJiWUfYSDLC4p4dt7bhOMbGK34wxVmjgUGPxFtVo9F6GuEcoMEP0ecgmJglU2GUiVc4LwC6FWqXJzgyXHWp_LFluy90VWlnACfR-7BbWxh9dX7Qy5I1gTVfv7REGe3t4hr91azCq-SU-6dDg6vfq2mgr0qpkDQpAW-hXkt___kCrJX1CvcZZI0tlPiRv2T6tF5GsaVQ2JMu-ccrw2UWYeiXVS_legjypM7cGqK0ebHda83e99vP3siNc_uNZARrdYjNfAOAThJBVb__K7Twvg6GxH29s52esjDnu0p93s8-4mpM8AV95-puUIvdE-kj1WjOCUFdtYaM7TPcxb2m7rb1CJNicsWjdn5dXerAfJ-hx8U79EjHUe4kL-MAEjV45Ur-bw4MWeh2t90MSwJIF0YLuRC48LHCO3OB1o0pW7807Q_838ljvBF-N1PXy4jg_uUtxJcT8B38RxnhV81eDwLPL1exV1wUUM8CEoTm29aCVGpXpmucQRziMX0REDbxcFc1PCvd1o6xJlPdkU9ZRmM346U2oBwrVTRPUaubDaEzmqAoEwxPDrIl3kHLQyK8lpUKpBy88b3YgwmNV2EELuNHGBmtLs0WxywcsI6TaTkWw3rj1HoS9FtbyuYQmTO1O_R_jq1Ai9o3qYbrOWy-SjtmSr1WbjOW0fMUyai7COzWtsRq99ouIFjWV1wmTT4-Tlsn3rKe-hMBg6Nz7AyBp9h9htcifSxfY7BQAX0L9Qh3G2FrsHObxKY_Rg

Requested by

Host: hellsparadise.fr
URL: https://hellsparadise.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 16:14:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A2C1 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxv9Eli7CEI6gqZB8542CNL6BY9btzadjrFCFQe7lhXAvehw7-G1gk7r1plKDX72Xnl3wzUYFgPaOBqBxqaWVJbRQO1hbkpurg601w_UgNwL0IKMWdA9i-otaPEAFlNUr1stZDwFBEn3QcosjX25gSKiaKiGcabMgyYw&sai=AMfl-YQAsYTviLFTpQSNDZi2wbK-L5qeDzhSWdAc5h4AU1o5y84306kJ_kG0VJSqWRUCNsI6YrEUuG-G7G_yU1Gc4AyUr_QQhQgpDK3FghrBpLUZC2M7qT1J9T9Cq_DNAiAN4ZB2QX8kfh5FRLZasTU-gQ&sig=Cg0ArKJSzF4gDHLM3dzeEAE&cid=CAQSTwAvHhf_uptYj8MnFP0Byrwh3_gif1sVfBfu3GEDYm3CKSx3DcU1Wv0QyKHgJX7M83d9yP0aaSmmIdyWAlWMfig2x3chsr5lN6Ks8kcaHngYAQ&id=lidar2&mcvt=1006&p=0,0,90,728&mtos=373,845,1006,1059,1059&tos=373,472,161,53,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=342807200&rst=1707495272662&rpt=232&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 16:14:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr2---sn-apaapm4g-apae.googlevideo.com/ Frame EFC3 787 KB
787 KB 22ms
22ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::d
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1707516872&ei=aE_GZbPnIIG1i9oPj42e0AI&ip=2001%3A41d0%3Ad%3A364d%3A%3A7&id=o-AGQTc11hCqxlvXbaicLy6n3GU-hTfsHMRhLOczEHkRU8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=my&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5e6nsk&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=45&gcr=fr&initcwndbps=1221250&spc=UWF9f_G4RbCUqfhmIc0vTQJsl9dL7OiW5DRVGVWQflhN36A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=qJzmV93TLfsLHHepaDUuEfwQ&gir=yes&clen=3589236&dur=82.290&lmt=1668852386129437&mt=1707494472&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6319224&n=c3E31G7z2gM1pQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cgcr%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhANfuu2vcgQKAf6GX5m1KT7Fviu54VWn7V9aE353GD7goAiBKa8AK74ax_RRPyuhxVgtTlui4lkvqp38vRhZpxbGfuA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRAIgDYDXKMSrnHeTbaSXHkSyjxcguLsBYD982YQ588FOmNUCIHiEJC4uvsHlwS3mtG7GFL0M3qDfYe-aSHEJrXKheSfI&alr=yes&cpn=8pr6UQh5fYnO8aS7&cver=1.20240205.00.00&range=161977-968224&rn=5&rbuf=10546&pot=MnaicOuXqDd9OaJIYlLrjCOtx8EIyIKDssjLNFdYwUTWe00__RjJlE9AILQhHHgH2aPA2TP8y6JTnVi_spKSRb7vVkqrjxXjVOoiPNlD7MVMbtuRfpsctoOJh46Z08lP8SpAfiBks7U8yYRklq5HhcNWD9YFRaNE&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8b35655729c7e55387e0f7cae4248d6e98b0351771657fc5c121231d38743952

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 09 Feb 2024 16:14:34 GMT
date: Fri, 09 Feb 2024 16:14:34 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Sat, 19 Nov 2022 10:06:26 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H3 200 Arrow.png
hellsparadise.fr/wp-content/uploads/2022/05/ 2 KB
3 KB 32ms
32ms Image
image/png 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/2022/05/Arrow.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e9769be7df77149ec5410ac82c38e7e15c2968a64772af6fec57d05210e0ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125
alt-svc: h3=":443"; ma=86400
content-length: 2217
last-modified: Thu, 09 Nov 2023 01:11:59 GMT
server: cloudflare
etag: "8a9-654c31df-360fa9;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8p5JQixNDob%2FguaU24F4onJfWyTYFGW2D8%2BRiaWHCgvZpqNKowtkLU1kahQM98VOpo8KcTW5F%2BZWPOtLFDqnKmus%2FyTKsBZIwqsP4fjassjNj8fkpgyiFOrCjQKJjQWX35csmXu%2FMkvOEBuUPqF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d67f9393d046f-CDG
expires: Fri, 09 Feb 2024 06:35:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
76ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b17e86a6ccbb4235045b90ab27c432073c98e4d4715c5a15dc223d6832a4ddc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 16:14:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2062 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 7506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 14:09:28 GMT
expires: Sat, 08 Feb 2025 14:09:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 021B 829 B
561 B 36ms
35ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe8c807fe604e0973ce9d884a38c9b3cbd0b49ef8350cbff9a09b8e6d6ac2936

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KYJQ_IbrK0j9P-9wIjhGQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hellsparadise.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KYJQ_IbrK0j9P-9wIjhGQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 16:14:34 GMT
expires: Fri, 09 Feb 2024 16:14:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2062 39 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 07:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 07:36:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 021B 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=1770295419054641&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2062 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jpT4Ww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EFC3 28 B
55 B 37ms
37ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-Goog-Request-Time: 1707495275221
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NvQUhdysL5E?controls=1&rel=0&playsinline=1&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fhellsparadise.fr&widgetid=1
X-YouTube-Client-Version: 1.20240205.00.00
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtqYXZSWkpHWGo0cyjonpmuBjIOCgJGUhIIEgQSAgsMIF8%3D
X-YouTube-Ad-Signals: dt=1707495272399&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C778%2C438&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 09 Feb 2024 16:14:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 09 Feb 2024 16:14:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=1770295419054641&bg=!RUalRgnNAAaxkZ3akZE7ADQBe5WfOASH7kkbbUsZrBPbhAbtJ0TIVnwQfV5vhGZ-9Bnmfw46cTXvBIFpr4bPHnbygd43AgAAADlSAAAAAmgBBwoASbgOXaP5ph8JX_PB92oWdO6ajSdSsE3oy6TmGqrKE7wvLZdZw9_oRngbHTJGpIA5APTwWE8JT5v-5qus8rlxodZ1ddnNW0AoehWZAs2ceF7caMGsH4NSLv9oJflSQlTRiNJ1XHDFgwlLsE4VUs4fRAsXg9dDP_QFGEHdMglAu5N_7LBFdpDDZN_T6zl25ixXWFdRioHqX7o4tQHYpyPZ9oqBN3T74wDIlDgWOTJUP4JCtTrVdoZ6AdJCml2MSioqX5xsrzlN_O8f2KPZZbISbt4tuZdaXyMqhtl9riJBO6Att5gtQy7MXY4cmIPWcrZphAxj0Te2WMYvVhCNia-pSRLReSffGZtYfItnWYwQY5P2ouFyP4yl8UM1AqOVT-7TrzrUh6fTEO6wvLPzI56ZTJffX_Oz02qFOvoFoP1gpMxsSbitVIcX-lFx0-6taqCNgCrx2Cf_qSBOK4j30JgprpLXIGPiJYa2jEhYX9UnonUkxorLo7CYPT1GGEZR5v5pSMQsow8sddGG18rqDWAH5RZR6WBG80jfeMmBivPXz0QhPCduwlunvPl6RfAI2KoOjVtXMHy4fPdkcbJcR7qfN4_vHyGWNHfp4MmwOixpPVplBOa5u239kZhG8U580WvsViyviSW82jZ_a-BIic3qoHUagjVveR5B_8Ceo5Ak9eT6Ul5YFDXW3XTOZn56lFk6APIHC9vrBOj4Yj-ULGkLaUrwdwYelhMdaPF3y_jSEJVrHxVbTsTIJlFWYYoAGEIzq36rN_lESoaQY66H_goaTGjArgowZx1067TwS68ljvwjd7jH9WsgrxzST52OI4rNTIvLa6_PY7jbfa51BB1ydqekaOzh9wM7Y8st-TpWG4mCAgWtmCGOjBlWveJMdRGqZ1oQ-IYAQOOrsQvKu9RKzqjJk2AmTks1lqF_gO3rciUmQ0pLkZ8ZeDNW1aLQK2i8N-PmBaQoIzTRxLLaocEgEp_svTVhD3j3Gux1mIkyA6sX27mvfx-NocNFHxmJFmX3aPOh3Nmd7dql6xzFZdkC5iXijyL_Z0fXRJQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 Usw5GCFhr4-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 18 KB
19 KB 32ms
31ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/Usw5GCFhr4-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9e5387c133027ab0807ecca490976f16b57ade04e65304583eab6b9fb3bf03f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17280
alt-svc: h3=":443"; ma=86400
content-length: 18646
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
server: cloudflare
etag: "48d6-654c31f7-3c101d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmIAdVrSZQlCU%2FU5sPTKUaCEMDcEtXedpIZ%2BGmWjWkxrbOC%2BW0fQJnHinzJcivVc1D3a%2FsOAgfS%2FjgjQlxR0zAQNapGRFNVU58k3jCOG675nvtR5468uTJ502rZ4C0D1%2BeBDnCBQ92C%2BevbcwoCn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d680bfa3a046f-CDG
expires: Fri, 09 Feb 2024 23:26:37 GMT

GET
H3 200 Usw5GCFhr4-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
hellsparadise.fr/wp-content/uploads/elementor/thumbs/ 18 KB
19 KB 30ms
30ms Image
image/jpeg 2606:4700:3036::6815:4bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hellsparadise.fr/wp-content/uploads/elementor/thumbs/Usw5GCFhr4-qf31pqcqx6eydqwdq7gscgosr8r2eslt162mbdxbj4.jpeg
Requested by: Host: hellsparadise.fr
URL: https://hellsparadise.fr/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9e5387c133027ab0807ecca490976f16b57ade04e65304583eab6b9fb3bf03f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://hellsparadise.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:14:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17280
alt-svc: h3=":443"; ma=86400
content-length: 18646
last-modified: Thu, 09 Nov 2023 01:12:23 GMT
server: cloudflare
etag: "48d6-654c31f7-3c101d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9Cn0ZcRtKVESIgLTwhdart%2F7qyHo%2Bl90os3VP3dBtGrCH301JcwSOqy3qvYe%2BMp4p7xCatH1qXWUTzNYBS4bOoZZotdXo2BS8uZAqui57XFQmNJKp7gh0tUFdrx9FT3%2BhPDfZtwlil2DCmZMZan"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 852d680c3a7d046f-CDG
expires: Fri, 09 Feb 2024 23:26:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telegram.org
URL: https://telegram.org/js/tgwallpaper.min.js?3

Domain: telegram.org
URL: https://telegram.org/js/tgsticker.js?31

Domain: telegram.org
URL: https://telegram.org/js/widget-frame.js?62

Domain: telegram.org
URL: https://telegram.org/js/telegram-web.js?14

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK-50MwUHmk7A3FK1zt0sFZLqxerY1kyINKJlZbbB2REmKO39l8vJyAN3X43R-WYxGilfNBuq2ixGxvQwYMc8OuXYzk0-b52M2mK-XmHMYG_H8XMNFCGxiadjzSJIC8272vJYefqM5rbi-Y7GGg.jpg

Domain: telegram.org
URL: https://telegram.org/img/emoji/40/F09F998F.png

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/b0MuPflWjSuz87IseSOLNTNwCE6zzhMcnYWeTAvPvB80mCJFzOA7m71jITgNN43sUCn1K4QSmVzFWbxGkTN9xI6DaV_d6MIIeEXtEvdXF62hAvLCIotMaWT5po8EsmoK3d3Zk2Us_9TIHY5yXnt9IqaiODcFe73CKjQDH0HPLs1zSi71rZ4vQPlv48YRzma2Jqwapp6EQy0-3M_dFyR9ipbWxE1PeQsHT57CYpp1Ui0cMBiQGX1gUrjOlbzwmGdEwtiujZQWaE9s0Tmek4UtDI6ABpnzHbWA19eYYlnRivv4m5J_XHINPXn5N5OPo_AjqIzYXOJhERriNjuqlh47gg.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/OqtO8UoQ9agHGTytRQLebx3hJoG_NJjU0tdH4eRtAbB0-YKRzP4BkMYf27PQlKDxi_kmiCGr473b47a-HmM1epF4M-5wa-awpuU8K_JCCrhk3dBhnwp2DCYYrtyhIc6WHpTuy2fBb_38E1TqPnclNA18ANCod8wMp0EbzL2dbNbjUa3jGUt_bvtQQhMJk4srPJ86xBN117GUqb2ZjAgZRqgQuhzlO-TJWwZrX6OzsauTjKo5yiRsyymKsXrXbI1tnHj8R7nS-sZBSpvw3m7qtOTY0PZWzO-dPdcMcuYwEDgje9Nh-131dkxB4TP8NISYxqxkm_cSubE81ixoPfZAZA.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/PbghfQjKncv-2g8jaPNkVCIK8VwOIoUyPoJzeSIoq71FLxIlpf361sK-X22PRmQ9Uq47KXRqGUSdQIfIxplO3qxIH_84FlRik_ndaPbLMZtAgs6b5VvhFx_5RZqUyMI-OelapUbMeea7wwhpnCqyFS9f1AZGmeQ9LiFfL4WhN0cHjRlgg8TDGp6-hLqx70ubXYDWUAGTOTp1ENxpd5JNYotUc3s2_9C-uFbPxXQHWE7oftXRd6pxrWhOj9x6iaQuD30kB_Wj7pt7DDIler6AgC71SGBfzUwrIQ1QpDHgbDNqjPZfZpSvHy1g5NFKPFjYtL8KH6KHbfy-NygS63UvpQ.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/U6UMiaca8agsGfbNuN2GffAeMTpByJUfJwB7VHJNlNJ9Mz4ayQOmiaNEYk--krr0fqEAZGQgoxPcB2sBlmRoGo2tOVWCbXUKI64pz5NwdE8Bhe99cNPyWXd5npx6PRdx5kRtSazdgEW4IxcinDZ0HKWG1KRN6OHfAZ7PTS5wypZ5FojZEavJFBUQjXJ_srCD4QMKQ0KywRLbFz6_ApDQMDanQj6nvtZqCYjznGEJzw4nzhZHnWNtonaXzQ4cGTmOxbGQ2jpSxlzAxA9R_EEHenwKr6Ih0HhqYl1rG77g1jYsJwrdcDN_4NDnCqfcwoWMfNtRrdVaVgCRp7deNF1u_A.jpg

Domain: telegram.org
URL: https://telegram.org/img/emoji/40/E29ABD.png

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/gBJ5Dvur9DHQ7wOqYtcEjwNmWCBeqMmJrnF6lJS-9pUcfiEu0uf5cwOz30wq9DhfwaiikXXGtXppocZZ-KnlD6Hg6BYvwLJ1M6SrhsQPcJ2AvqaH8L1vfXtbY8WuyTSFQraGLEZVXH_5KuP5so0giNdI4VKl1ecILApbev9sGX-d4Py18DbOpdMi6lfuSI2GnkLM6XR_nJOebRVqAFfPgqNj7aBWy19c8q1h9TzcDfYRrFSfRHQfe8QLehi5nbgBpZIsfT_oKAUT39O9NetXjMCZAdUx5nl-lbPEuJdeHQFpbd_8yZhCghJQYPyEFczrrogwYN2AGOb5eySUeUDgfg.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/ku2-vR_kAkAcWFsUUYqqQo7d0MjP1Yoo1hqkOyzfUFpbuoICa7hKqIaopO4LXt13CsK4CqSuf35aNV6m5xETm2li_g5tCkOxv7uU3QmPmZ1tBjHCVu9Sl4txLpw6fWZ_53JCU9Npk0BekPISHl1eYMB6k4xI1IAHb3eK9MWYo3d5ApUWAmHzVkPN6dgr6H_b-86RsGCCI562fBX6w-qNmJ0homUVhShMGQYRnvfuHPrYWK2V_JOjcL2BntWBchxz2JsHAMZ3SJQqnKwzRUl0uxj-M1YrXseanLMTC89vT0XeM7P34ppJ0OpE7OgvDTjV7HXRDgjFUKXNGVaMNSOhrg.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/ARtxgAD2mkfGTkePo4qbNrw944tkIQpf2pbMuNtr3Tkbtk7KemZGKvPJMBeOyA4gWqfom1IWVu8qDH_25_Nc2EeuieUi_mQAyi8PwhTjZf3ZiXJ00cXHJ0X_4KZj2Ywai4SQcEyQk5xVTkwPh8tWeO9bFcnDUFP02NweeiWWsUbfLXwKytf59vs2VV59FS51yy_Sjt6c8BPj7ZattnMtPgNCNULEEgKsZHF8EukoWpCUXIEhfc0YSeULptQRbYO1wzc-tlWlSoay75rDr-QmDlDIJUmNqlottP5FBoQih3uSb8rD09gN6g-1VRZUZwqYbsX5uHb65cPHxBiYP8B8kw.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/TuLbbJmsHKLZpId5VmjmBMNgJwK4VgKQw5EUbeKGmj4A2NRGBevGWoQsT7T8eGonBDjX7VrGRUcfS-X0jiX571Q1w6HvPjppuQw_W9alSX-Xop22j2zhv45gyT9WIVDWl0Mz5D6mLrgFekesPN5lzEu4tYo8_PSl__dKX2a05rQgjwOFAbcKAxD68EUtxQbRGxoaecppHT0Xjkb4YOOZr7Mvyl0kUNIK3gm4Oo4mZX7OwFmYXlTl_dlbr_Qh6B82lrBYB3LmyCi2BuOH_JRrIbpCaO0chR9kxLhLcVOPj1BV5AhxBqtuClaZfRxCtpt9ZamkZvg9RSkVoWEct1kfdw.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/OH_rcdaLlSfSywt-8NoO0-kUko8zoul8iukAWEPFxIoWT6vJfR6QZ7NGdO4O4K29bXz-WBGo6yml1aJqfuTLe7dH-nhbte3gaKZGmtO-LL1f9mObkHCsi7TJGIvYX6I6IvfWmfjKE6oM3JXXFOvtmO9Vmee-RqQEODR71YIiGTdXxFKQl37cNXu-PHT0kMIGs5GbzgTcWz64DYGnHumAITNhf_kfcJdgKJ812NbrHuNz_b_XqkhXYEKCCEv6YtSI7ZedNHU4ga-6R_l_JsBkrsF4ril_x850vhpevldnV9cGIENLhf-81j7erNcIt2f1fGE7fm1j8l_8SIv_gGqVAA.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/aJk0axlr_QKRI-6krRSWavFTQhSvgKUe0LXN-yJWCZ8xDLCYXqOKCG1qTVZYdrRbnRHNih8az4Y3KFxTs6mGuenEo1j0NpqY2Qnsbzn9QXFwPnViBEg_aIRH_-d22ILjTa4oqcHhTQtx_-fBC02igetGzGNucTMgA3sfNfkZHJhq_Qp-OlDFOsOvGBzz0taGifKMljrEsK4mAphkc7OjQoOwBY3L2VWOQ4C0qQJ6TThSsVbCgx_J4CJSAgwfKQEo3s_YiohYsmIBJtDj01YtpVaXiVlpTd1dkn0a-g_8IHgr_4MlZYoTAk0HtC63BPGEr6j8_sCrNDRDmrKrP5FJ7A.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/H8YBvNsm5Vwuo3iMXbwgk9V1J-TBn7Ph636U7xZCfncDYBjuQn4CBHcfV_jKWdOYongNzH4bxdBsy6HEUi_ZPH8oIYgpfZxvlrTcIaKWx7bjs7i9BTwSSmTGofq5rQqKol5UrB5uDqris18LebhvPRVU_JmDPrXb0-g4J1IibLmvxbj4Wnw4aFKC88-XGOLUBPfk2zu8ENhB9oLGx9jtssh_QMscaaOwAnEIqG46KG2YSWAwmOKnrG3G2r0M3EsvOuS_YpbztqG0tOEorafShTk-Fl82QGqX-vBXzu6XN0D0XhGVY2W8dN53jn_qj5rnjYmxlFngPNly2wHFiKPjsw.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/SHiZcru472v4csJHnyiz4Y9eIUhpyh27dc9x0TGoTAlmK9BgzJFvf0u-sfUMWAWnN8VtJLtV0oyLTRu2o0PqeuiSlvFQbqrcLlOWknZ5Qlk3u5fXED6vbq4mZhdBwkWjdx6wY1cVWzgnCobOxNocSzcJ-ukAnHqQgJoMivL0-AClzOGoURoZCMPTfwMUA5wB2rWpWC8QsfOIrPd4DpYBVvpldStT1ebPaPoQMOtBTXS_VDLmgRHd584MIs0RtbHPeBm_9thmi4YLBEKL3YsFHewrHNIWhF47KGxvheI-Vpfua2b9-1YJsF-vFI3mvOC7oo4SWW0G-DEx8IDleX2hzg.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/ijrKrXcCQh_Kzw75itDyILfq8hHnC5-_IQjA7Qqo5U6Qkoe1tq7fKWqrljxf2i4VcBobmmcCl9JM6rKqyM5rJzJtP9I08jJbHX1Y8bUd-KQHnmOrc2ZFln2PROFAy3zawqA_BZD87F1yoZUzbvIoImAG4dMZeoBJuEyuLY8xevIjXpmIfrKE3OeDW244mBqmfHEd7NJqY9X8jPZizS1cN-FF2E_VteAHoU9LbRpP5Si3SYsVWesaF_31Y0-FPKq7XsjITR017FLDZRFmxXHD9b3RtbWRJ7tyXrXeAQob2lr28TEUojlSIeYB-JJkG_-eHy0_vVQwZu_KXw5lgy6Jzw.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/jy2T-q1kiWmp7qHPSsQChsReT2ziabVudyaIYrbD_p354rYcahiAdvhfZdkLEbnmZdA6BYsiT_BOoyp3-KCXTo6m_AobCDE-S1z10gw9kjN31jY_nKBl2ylmcKglXCcI5CSWKQt62sCcZh_YxE3YqCz8A6PJ_JZ-ALcXC0GuoKM0bGb96llhSzLeYHXXTxUeBOTqQmUs2eOiLRguS5nWeKUlMWRO0NBdWpWeaYNGRMol95RbDDfwWovDPlAVyhgmhQHOPT8ugO8HBk8lXJIrmAcz3i1_0tyPOIlYpow_i0c-StCRYxnE5v8lpqxyNWqD8Tpql3NpidVuposBO5qi6Q.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/I9CVUJMgeEkXBSAiKyq5OoL5BHrkF_77QwaodWWoxlq2sIiOxgR2DC3RvXpg8QL_uVNHWx7P_JV087mCUFO4lQi1hgyJOGCQRd6rQH2Fs2Rv1oJWKg0BsxNj3-rOSxnUfNT9KSO3TbS4yXLVzW_DzQCXpROMoW_zs0aXZDxrNVDIAcrKpKLMGXDgThDW4emmz3pY9Ll-9kx0o0fP-_Mfvix-AAf2iP581P6y5THsjvB3VbVjiwfsnV0Er5OdNoOIRdE9uE-f0G9w1n_oLRMYFi2ajmno-eMhFwEJzm-usdRAwFmrZJVlwp6yrXtcmPzlQ6TQLT6All29HGmimI7EKA.jpg

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/s93Ms4YcMOSsrI4amfsXM3F_IjTW0UvdaGcAGQqGKZDzEqK0Nd8Xi-DV9ZY5qOxwdqTRNw7D4kUhJGs8tl4dafUvjbecnzSlA_FvcbkEmnEMRysDVaBMPM1aZg0nl_JLzeZAfOCn65qoY7NgLdqIpJmeC0gnIbPpCDlrqUubPVYATEOr1dXjhMBTIjOqkrrRo66JfVY5p18YG2eKt_JGei4eIW6DqfmPm6--mhgnwgsNobuza8MtcmLkbBMl3QTZwEKqp0DvK4JkToo2AWe0YY56JL0u-KVDBe0e4ih5BYrpM1L7vfj-erstJJ5x5sQ0BbRrYc2wqdiZVcoiRGZtcA.jpg

Domain: telegram.org
URL: https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Domain: telegram.org
URL: https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Domain: cdn4.cdn-telegram.org
URL: https://cdn4.cdn-telegram.org/file/77f67bff50.ogg?token=kRHBKcC76MzJDW5QjWaaCp1vI1HGien00Xs9skHPOz83c73OkH9sveIgM2RgcMAryOz3s4xXSJoTXicz3gaO_-WdWCFb498fPRSjcAgRCjXkRpiLcE_7Orl5QJINkY_pk-Ir2nyRptHsaP-GeeQsBiC3q84yikDBAbZpPucansbikij4ttDA1K1WK3SzyvYJWZyJMOxKhTddWOVuVENING3_3_xLtcOXdpWphb1FzL7eHv5PfDI7jO64RILatJdHZ3QJNhqZUU7uB80dYRmVk1Kv9rjYPawMY7VuyEE0rC-jDKAOQOOEsvXyHSMoI0je2NiVYg2w9oXsFbkYvx7RkA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hellsparadise.fr/	1970-01-20 18:21:08	Name: _lscache_vary Value: f3fd6a2e2f1fb8b78a1d2d4d056fb110
.hellsparadise.fr/	1970-01-21 03:03:51	Name: cf_clearance Value: qvT.74qkaEe3qWb7rb.HMzxgfQSYW4wWIHbum4bavVQ-1707495271-1-AdDVy8wC9FoJC8AZA0MQvbyq4hgkWel8cdTUpj4mlWko2ZfGdHLZhc7VOIk2U6Q6cdbBvvqHcWkKAEhz1N2sNfc=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EvJcI26IU-w
.youtube.com/	1970-01-20 22:37:27	Name: VISITOR_INFO1_LIVE Value: javRZJGXj4s
.doubleclick.net/	1970-01-21 03:54:15	Name: IDE Value: AHWqTUn1BDlKhM26j0MgasBdQFy8k2oaIZo_ekBfR9S2Hz-qo0TYOdcABAZZBiPIWiw
.doubleclick.net/	1970-01-20 22:37:27	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 18:18:18	Name: DSID Value: NO_DATA

76 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://hellsparadise.fr/(Line 36) Message: Failed to set referrer policy: The value 'https://search.brave.com/' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: https://cdn4.cdn-telegram.org/file/meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK-50MwUHmk7A3FK1zt0sFZLqxerY1kyINKJlZbbB2REmKO39l8vJyAN3X43R-WYxGilfNBuq2ixGxvQwYMc8OuXYzk0-b52M2mK-XmHMYG_H8XMNFCGxiadjzSJIC8272vJYefqM5rbi-Y7GGg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
rendering	error	URL: https://hellsparadise.fr/(Line 36) Message: Failed to set referrer policy: The value 'https://hellsparadise.fr/' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: https://cdn4.cdn-telegram.org/file/meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK-50MwUHmk7A3FK1zt0sFZLqxerY1kyINKJlZbbB2REmKO39l8vJyAN3X43R-WYxGilfNBuq2ixGxvQwYMc8OuXYzk0-b52M2mK-XmHMYG_H8XMNFCGxiadjzSJIC8272vJYefqM5rbi-Y7GGg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/meFBHtL7iMrGmvjj0DiAQfljVvnEVgN1e4RKcfqQLeTD_lGbcS2QXgkgZgn2i-PM3fMQgfcEpMeL64mWzpN6KT8WzXxOySpIL4vcelydMzDLZhGh9xtaQkYROvw2CLAbh_il-OdQD78A7zXUCaVeNpbtHLZ7nqOvc0V4XWKJEIJxgr_VIN8PZupLMpOeKB1FLe_AK-50MwUHmk7A3FK1zt0sFZLqxerY1kyINKJlZbbB2REmKO39l8vJyAN3X43R-WYxGilfNBuq2ixGxvQwYMc8OuXYzk0-b52M2mK-XmHMYG_H8XMNFCGxiadjzSJIC8272vJYefqM5rbi-Y7GGg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/I9CVUJMgeEkXBSAiKyq5OoL5BHrkF_77QwaodWWoxlq2sIiOxgR2DC3RvXpg8QL_uVNHWx7P_JV087mCUFO4lQi1hgyJOGCQRd6rQH2Fs2Rv1oJWKg0BsxNj3-rOSxnUfNT9KSO3TbS4yXLVzW_DzQCXpROMoW_zs0aXZDxrNVDIAcrKpKLMGXDgThDW4emmz3pY9Ll-9kx0o0fP-_Mfvix-AAf2iP581P6y5THsjvB3VbVjiwfsnV0Er5OdNoOIRdE9uE-f0G9w1n_oLRMYFi2ajmno-eMhFwEJzm-usdRAwFmrZJVlwp6yrXtcmPzlQ6TQLT6All29HGmimI7EKA.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/ijrKrXcCQh_Kzw75itDyILfq8hHnC5-_IQjA7Qqo5U6Qkoe1tq7fKWqrljxf2i4VcBobmmcCl9JM6rKqyM5rJzJtP9I08jJbHX1Y8bUd-KQHnmOrc2ZFln2PROFAy3zawqA_BZD87F1yoZUzbvIoImAG4dMZeoBJuEyuLY8xevIjXpmIfrKE3OeDW244mBqmfHEd7NJqY9X8jPZizS1cN-FF2E_VteAHoU9LbRpP5Si3SYsVWesaF_31Y0-FPKq7XsjITR017FLDZRFmxXHD9b3RtbWRJ7tyXrXeAQob2lr28TEUojlSIeYB-JJkG_-eHy0_vVQwZu_KXw5lgy6Jzw.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/SHiZcru472v4csJHnyiz4Y9eIUhpyh27dc9x0TGoTAlmK9BgzJFvf0u-sfUMWAWnN8VtJLtV0oyLTRu2o0PqeuiSlvFQbqrcLlOWknZ5Qlk3u5fXED6vbq4mZhdBwkWjdx6wY1cVWzgnCobOxNocSzcJ-ukAnHqQgJoMivL0-AClzOGoURoZCMPTfwMUA5wB2rWpWC8QsfOIrPd4DpYBVvpldStT1ebPaPoQMOtBTXS_VDLmgRHd584MIs0RtbHPeBm_9thmi4YLBEKL3YsFHewrHNIWhF47KGxvheI-Vpfua2b9-1YJsF-vFI3mvOC7oo4SWW0G-DEx8IDleX2hzg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/aJk0axlr_QKRI-6krRSWavFTQhSvgKUe0LXN-yJWCZ8xDLCYXqOKCG1qTVZYdrRbnRHNih8az4Y3KFxTs6mGuenEo1j0NpqY2Qnsbzn9QXFwPnViBEg_aIRH_-d22ILjTa4oqcHhTQtx_-fBC02igetGzGNucTMgA3sfNfkZHJhq_Qp-OlDFOsOvGBzz0taGifKMljrEsK4mAphkc7OjQoOwBY3L2VWOQ4C0qQJ6TThSsVbCgx_J4CJSAgwfKQEo3s_YiohYsmIBJtDj01YtpVaXiVlpTd1dkn0a-g_8IHgr_4MlZYoTAk0HtC63BPGEr6j8_sCrNDRDmrKrP5FJ7A.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/ku2-vR_kAkAcWFsUUYqqQo7d0MjP1Yoo1hqkOyzfUFpbuoICa7hKqIaopO4LXt13CsK4CqSuf35aNV6m5xETm2li_g5tCkOxv7uU3QmPmZ1tBjHCVu9Sl4txLpw6fWZ_53JCU9Npk0BekPISHl1eYMB6k4xI1IAHb3eK9MWYo3d5ApUWAmHzVkPN6dgr6H_b-86RsGCCI562fBX6w-qNmJ0homUVhShMGQYRnvfuHPrYWK2V_JOjcL2BntWBchxz2JsHAMZ3SJQqnKwzRUl0uxj-M1YrXseanLMTC89vT0XeM7P34ppJ0OpE7OgvDTjV7HXRDgjFUKXNGVaMNSOhrg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/H8YBvNsm5Vwuo3iMXbwgk9V1J-TBn7Ph636U7xZCfncDYBjuQn4CBHcfV_jKWdOYongNzH4bxdBsy6HEUi_ZPH8oIYgpfZxvlrTcIaKWx7bjs7i9BTwSSmTGofq5rQqKol5UrB5uDqris18LebhvPRVU_JmDPrXb0-g4J1IibLmvxbj4Wnw4aFKC88-XGOLUBPfk2zu8ENhB9oLGx9jtssh_QMscaaOwAnEIqG46KG2YSWAwmOKnrG3G2r0M3EsvOuS_YpbztqG0tOEorafShTk-Fl82QGqX-vBXzu6XN0D0XhGVY2W8dN53jn_qj5rnjYmxlFngPNly2wHFiKPjsw.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/b0MuPflWjSuz87IseSOLNTNwCE6zzhMcnYWeTAvPvB80mCJFzOA7m71jITgNN43sUCn1K4QSmVzFWbxGkTN9xI6DaV_d6MIIeEXtEvdXF62hAvLCIotMaWT5po8EsmoK3d3Zk2Us_9TIHY5yXnt9IqaiODcFe73CKjQDH0HPLs1zSi71rZ4vQPlv48YRzma2Jqwapp6EQy0-3M_dFyR9ipbWxE1PeQsHT57CYpp1Ui0cMBiQGX1gUrjOlbzwmGdEwtiujZQWaE9s0Tmek4UtDI6ABpnzHbWA19eYYlnRivv4m5J_XHINPXn5N5OPo_AjqIzYXOJhERriNjuqlh47gg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/OH_rcdaLlSfSywt-8NoO0-kUko8zoul8iukAWEPFxIoWT6vJfR6QZ7NGdO4O4K29bXz-WBGo6yml1aJqfuTLe7dH-nhbte3gaKZGmtO-LL1f9mObkHCsi7TJGIvYX6I6IvfWmfjKE6oM3JXXFOvtmO9Vmee-RqQEODR71YIiGTdXxFKQl37cNXu-PHT0kMIGs5GbzgTcWz64DYGnHumAITNhf_kfcJdgKJ812NbrHuNz_b_XqkhXYEKCCEv6YtSI7ZedNHU4ga-6R_l_JsBkrsF4ril_x850vhpevldnV9cGIENLhf-81j7erNcIt2f1fGE7fm1j8l_8SIv_gGqVAA.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/s93Ms4YcMOSsrI4amfsXM3F_IjTW0UvdaGcAGQqGKZDzEqK0Nd8Xi-DV9ZY5qOxwdqTRNw7D4kUhJGs8tl4dafUvjbecnzSlA_FvcbkEmnEMRysDVaBMPM1aZg0nl_JLzeZAfOCn65qoY7NgLdqIpJmeC0gnIbPpCDlrqUubPVYATEOr1dXjhMBTIjOqkrrRo66JfVY5p18YG2eKt_JGei4eIW6DqfmPm6--mhgnwgsNobuza8MtcmLkbBMl3QTZwEKqp0DvK4JkToo2AWe0YY56JL0u-KVDBe0e4ih5BYrpM1L7vfj-erstJJ5x5sQ0BbRrYc2wqdiZVcoiRGZtcA.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/PbghfQjKncv-2g8jaPNkVCIK8VwOIoUyPoJzeSIoq71FLxIlpf361sK-X22PRmQ9Uq47KXRqGUSdQIfIxplO3qxIH_84FlRik_ndaPbLMZtAgs6b5VvhFx_5RZqUyMI-OelapUbMeea7wwhpnCqyFS9f1AZGmeQ9LiFfL4WhN0cHjRlgg8TDGp6-hLqx70ubXYDWUAGTOTp1ENxpd5JNYotUc3s2_9C-uFbPxXQHWE7oftXRd6pxrWhOj9x6iaQuD30kB_Wj7pt7DDIler6AgC71SGBfzUwrIQ1QpDHgbDNqjPZfZpSvHy1g5NFKPFjYtL8KH6KHbfy-NygS63UvpQ.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/OqtO8UoQ9agHGTytRQLebx3hJoG_NJjU0tdH4eRtAbB0-YKRzP4BkMYf27PQlKDxi_kmiCGr473b47a-HmM1epF4M-5wa-awpuU8K_JCCrhk3dBhnwp2DCYYrtyhIc6WHpTuy2fBb_38E1TqPnclNA18ANCod8wMp0EbzL2dbNbjUa3jGUt_bvtQQhMJk4srPJ86xBN117GUqb2ZjAgZRqgQuhzlO-TJWwZrX6OzsauTjKo5yiRsyymKsXrXbI1tnHj8R7nS-sZBSpvw3m7qtOTY0PZWzO-dPdcMcuYwEDgje9Nh-131dkxB4TP8NISYxqxkm_cSubE81ixoPfZAZA.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/U6UMiaca8agsGfbNuN2GffAeMTpByJUfJwB7VHJNlNJ9Mz4ayQOmiaNEYk--krr0fqEAZGQgoxPcB2sBlmRoGo2tOVWCbXUKI64pz5NwdE8Bhe99cNPyWXd5npx6PRdx5kRtSazdgEW4IxcinDZ0HKWG1KRN6OHfAZ7PTS5wypZ5FojZEavJFBUQjXJ_srCD4QMKQ0KywRLbFz6_ApDQMDanQj6nvtZqCYjznGEJzw4nzhZHnWNtonaXzQ4cGTmOxbGQ2jpSxlzAxA9R_EEHenwKr6Ih0HhqYl1rG77g1jYsJwrdcDN_4NDnCqfcwoWMfNtRrdVaVgCRp7deNF1u_A.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/TuLbbJmsHKLZpId5VmjmBMNgJwK4VgKQw5EUbeKGmj4A2NRGBevGWoQsT7T8eGonBDjX7VrGRUcfS-X0jiX571Q1w6HvPjppuQw_W9alSX-Xop22j2zhv45gyT9WIVDWl0Mz5D6mLrgFekesPN5lzEu4tYo8_PSl__dKX2a05rQgjwOFAbcKAxD68EUtxQbRGxoaecppHT0Xjkb4YOOZr7Mvyl0kUNIK3gm4Oo4mZX7OwFmYXlTl_dlbr_Qh6B82lrBYB3LmyCi2BuOH_JRrIbpCaO0chR9kxLhLcVOPj1BV5AhxBqtuClaZfRxCtpt9ZamkZvg9RSkVoWEct1kfdw.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/jy2T-q1kiWmp7qHPSsQChsReT2ziabVudyaIYrbD_p354rYcahiAdvhfZdkLEbnmZdA6BYsiT_BOoyp3-KCXTo6m_AobCDE-S1z10gw9kjN31jY_nKBl2ylmcKglXCcI5CSWKQt62sCcZh_YxE3YqCz8A6PJ_JZ-ALcXC0GuoKM0bGb96llhSzLeYHXXTxUeBOTqQmUs2eOiLRguS5nWeKUlMWRO0NBdWpWeaYNGRMol95RbDDfwWovDPlAVyhgmhQHOPT8ugO8HBk8lXJIrmAcz3i1_0tyPOIlYpow_i0c-StCRYxnE5v8lpqxyNWqD8Tpql3NpidVuposBO5qi6Q.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/ARtxgAD2mkfGTkePo4qbNrw944tkIQpf2pbMuNtr3Tkbtk7KemZGKvPJMBeOyA4gWqfom1IWVu8qDH_25_Nc2EeuieUi_mQAyi8PwhTjZf3ZiXJ00cXHJ0X_4KZj2Ywai4SQcEyQk5xVTkwPh8tWeO9bFcnDUFP02NweeiWWsUbfLXwKytf59vs2VV59FS51yy_Sjt6c8BPj7ZattnMtPgNCNULEEgKsZHF8EukoWpCUXIEhfc0YSeULptQRbYO1wzc-tlWlSoay75rDr-QmDlDIJUmNqlottP5FBoQih3uSb8rD09gN6g-1VRZUZwqYbsX5uHb65cPHxBiYP8B8kw.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/gBJ5Dvur9DHQ7wOqYtcEjwNmWCBeqMmJrnF6lJS-9pUcfiEu0uf5cwOz30wq9DhfwaiikXXGtXppocZZ-KnlD6Hg6BYvwLJ1M6SrhsQPcJ2AvqaH8L1vfXtbY8WuyTSFQraGLEZVXH_5KuP5so0giNdI4VKl1ecILApbev9sGX-d4Py18DbOpdMi6lfuSI2GnkLM6XR_nJOebRVqAFfPgqNj7aBWy19c8q1h9TzcDfYRrFSfRHQfe8QLehi5nbgBpZIsfT_oKAUT39O9NetXjMCZAdUx5nl-lbPEuJdeHQFpbd_8yZhCghJQYPyEFczrrogwYN2AGOb5eySUeUDgfg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.cdn-telegram.org/file/77f67bff50.ogg?token=kRHBKcC76MzJDW5QjWaaCp1vI1HGien00Xs9skHPOz83c73OkH9sveIgM2RgcMAryOz3s4xXSJoTXicz3gaO_-WdWCFb498fPRSjcAgRCjXkRpiLcE_7Orl5QJINkY_pk-Ir2nyRptHsaP-GeeQsBiC3q84yikDBAbZpPucansbikij4ttDA1K1WK3SzyvYJWZyJMOxKhTddWOVuVENING3_3_xLtcOXdpWphb1FzL7eHv5PfDI7jO64RILatJdHZ3QJNhqZUU7uB80dYRmVk1Kv9rjYPawMY7VuyEE0rC-jDKAOQOOEsvXyHSMoI0je2NiVYg2w9oXsFbkYvx7RkA Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.youtube.com/s/player/5e928255/www-widgetapi.vflset/www-widgetapi.js(Line 1253) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://hellsparadise.fr/ Message: Mixed Content: The page at 'https://hellsparadise.fr/' was loaded over HTTPS, but requested an insecure element 'http://hellsparadise.fr/wp-content/uploads/2022/05/Arrow.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellsparadise.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn4.cdn-telegram.org
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hellsparadise.fr
i.ytimg.com
jnn-pa.googleapis.com
pagead2.googlesyndication.com
rr2---sn-apaapm4g-apae.googlevideo.com
s0.2mdn.net
static.doubleclick.net
storage.ko-fi.com
telegram.org
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
cdn4.cdn-telegram.org
telegram.org
142.250.185.198
2001:67c:4e8:f004::9
2606:4700:10::6816:1c50
2606:4700:3036::6815:4bf5
2606:4700:e6::ac40:cf26
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2016
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:ba61:0:126::d
34.111.35.152
0020646d32da84bf3e786d16ad939d610e989ba3bc2304fb68072f3537c60ee0
01a563fdfb3ca938d84f7c27a40a83eb5d66bca739ef95bda12f692a420a69e8
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
08b66d8131b636653251f7307ab40d4dacd3799230fdb169b8a1b61f29a39eb5
0af056f40e2c0da7a8dad50ebc677a6990ea9b201ff8e403d32ca719f9f5b1ef
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
0f6574bed2f0e9b62d4e77945317e6a1a9e3becfbb9498b39390fda73eb1ef6c
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4
11ea1a93d916ef7f4023e821c6b9b9c31fa92ca91c885753a3e014386fa654c4
157935bcba91d5b1932ca72b59a7d6d568185d251f523d68b352dc83246f8c86
168b0b3e4dad8dd251775a64bfd2eaaa3fec94b04971043eebc16665757ab151
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1a645a86349fdc96c32c9ffc76b946bb32e7fac7a606c9cc3a94cb7c478f2822
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1e46e564822b1ba69c2834338cb9da7d4553ffc334c7d5126ebe42231bfcd417
1e71437eebb207dec331a3234f28060fdf710dcc2fe418289362d7d0d3a5e565
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
266a29bf57b54d51f7289747197132d43179b4f024d61069dbaea01da8012d13
2b765a8de141e205d9ce11e1ec73695c745859f90f51dc77870fc2af3700f260
2ba23813e149b11e8c95321695c5a20be132e8176007b2a2209230c1a90bda1a
2c162014c40274a84cbce7373aca4aadecd99078a3d274668e812e3244a8da01
2eee814cf1ce6d4f84ed9e5b4a34b61f13e58bfdeb0d2b4a40263416bfb1cac3
3139bb5abfd35fbbf42029e768d755eebd207a5c78045e32e03b9e61bba79e5e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329285bbcb50dfbfacf8ebd813907a9bdbceaa0873b8486c927ee808fec19e38
335c88d7ccad853696b06d3d524c872567a8cc04c6966cd8cf0451834a5a7dc3
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
426e7b6570795bc7db0f653c34b536c2a5d266d08b225a12a874e43097c33063
42c777911e48d20f5acd5a2f396dd5aef897e74222fb167131ed5b9eefc5d29b
42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
47d5d4703c36b08f2e396243efeba9dc2337776810abc9335c99eb7826ef0ad3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792
4fc388384d0c7d9e91d7b8c35eb525b270a799e95744b5907a1cf894ff6a6663
517c26455d1244fc5810748e503af92f3adc0b5073ec3db605841f948468bfc3
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
540580b26b44773105f13c8893cbcf216b840fe9e3e35e25686e2ddbf0d3044b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5762a1c9d3eaf77cf5b9af2cc62b308751ee2fb55455825908521cc527abb1fe
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad3a1f86a57f02306ab81ecca4ce0e122488a8039aaadbd2eebec2fe7225b10
5b58a98475a980d65d62c28edd2586447e63caafc8636e58085899eac677b2dd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cf1edad40057e9f8ddb9f85596f19d23115783f05bf4d8d85b6df3dcaab90e6
608453b1fc48dcaf65fd41462ebade486ce27d6557fc8da33810f029653a5bd4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
650a9d7c8ab11e6cea2ec927a0526a554caaf6b862f0ccfc7c4b949ba8252e5a
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
689bc32979db9e90b5cb8254039b084e24c0e6b50f0dff5015aaa8344769c4a6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
70e10811b989efbd48d9332087ea5f99a9b9ba63513aed3652a5b2293a552819
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7903b1463d5197ddded415746e0de5c570c877dccfccb697fb7d15c3c9f93bcc
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a63aba3a6a913d21a6643f66ac22f75a0b3f765d835c7d47bb3b8f00c79d80f
7b2d7d178bf05f5cf095e6cffce46e3cf3f2f2098f2ea37294d47727742bf5f1
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e5778354d31168a2071ee37cd337912b5956fa0ef5601b3ee2b23e48ac54bbb
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
8b35655729c7e55387e0f7cae4248d6e98b0351771657fc5c121231d38743952
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
9434610f03b23074f9ae8ba5dbed66819c052a1d3c8e2256296c50ddeb4fe7f8
9461969b07629f368a8a6eab1df115a12f6bc4ed9ad4bf0f93c4334b51d6d79b
94c4eed60653e14337c021261a52581e9b6f93ae9ba512912ca30ce656b3ac64
96469ec71636303e1b8e7ca9369b3fa55a2cf1712c9cb1a5b2064381522cae6f
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9b3c184d683b2cf90a2e786ba5ea2ecc31068e0d64f85dace72ebcf4d41d0871
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ca8e47dbdfac00ad9171d98b3d3ef1c06ead831de6f98bf04ccdb445810d742
9d0ef679dd984069d7f531a017a54fb7b9411ee3d989052e5abe07477226e00c
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743
a1b2ec65d532e8b8f060da014e25d63cfad770a9363a2368cf7bf975b29eff5d
a59cb35eb7031decd7e7d9076fb47d3fb2f7abb5ce97acb78751c0f6f6aabcaa
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253
ae0d3c6ca12a3452924c53402b1497e0c4d49b6de15174c582c9651f1a3aaddf
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b099ed8df0b4da7d96a83fe24aed573122b8df1b110c1426e66f40584047273b
b17e86a6ccbb4235045b90ab27c432073c98e4d4715c5a15dc223d6832a4ddc3
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b506ad23b101cd015c655e6aedfe7f689454f26a4b155553c26e2c666bcf804e
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
ba805b291bd04df24c121809a3dc451a853acf5c18ce8b1023a10c4cbe6d98c7
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bc8cc7536bf94d03004fa21c405a2281878fb1296a61a9dfeb55cc27a53c6ca1
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c66f569b515c502da7cfcaee815130d2afa0c9afe11e0ae320684085926db1f7
c6e9769be7df77149ec5410ac82c38e7e15c2968a64772af6fec57d05210e0ec
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c715d30245ca45a64cb5a8d9e8c112ef90f73a37367ac468cf2b481f39648c8d
ca01abb5fd7affc3688964cba2b72de46248ce7271d2248e8cd20969394b9dd8
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbd779bd5b62d4b7cb442a031cec56ccf73d6cc1f10559b73e73c245e5aaca49
cdc5e626d9abe6a336afe792f9d76d12008aeab4fc77db1a7b4c1a2805ae640e
cdf7cb1ebe221c59698aba1dcf04a889be2a298018b4686d539724c9d540603a
cfcc42d9e0bf09f47a1021e19a293c28f96cb3bf3aeedf4cfaf5b73c0bd9d0a2
d045be463a5bcbe31693583227c05198ef9ef38bcd09a61f42eb6e571f8c7f4a
d0e129d8048571c66da7f2de8cddaffccc2692f10f28a4e8179914ee9c061db5
d46ae11fe44679f71e7d9e2f164514e17908c8dfda2d79bcf21f0e7dd8e43ce4
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d828b044f86e25d8565bf5afbd646ccfb51641641175cc43d0c019747ca74230
da7fe863dfb2e7256521038d63e5ae697ea77719d7214985c8f70e5505f44cb5
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dd419b9c1191bb2352b499c35a7cc4db0aba8a53400d89f165bf858b62dc1253
e0577a508911f8d2d66baa42a4a8357819c991020c16414403cd4be562d5b80c
e279cb1b5d68d238e62b805f61843b889cf1378723681938b313ab9121d59b98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58
e9e5387c133027ab0807ecca490976f16b57ade04e65304583eab6b9fb3bf03f
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee8ca59fb3e6fbf2ed1ad741ef146aa10bf0f824cfd318c9e992654e84d9f5b8
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5569fd592a9f98733b42e918680b19ddcab0d5cf365d001b4ade87cf84968ba
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ade95b8ded382a6867f5bf483f5effc45e34b1ea69382b9f408f3a57fb0606
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f93aaf50538e87ad350d4cc6ffdc88298008f2fe15ab8bb7beac64efbc83d661
f970cf2db1582b7214f2ddc7a2faaca8de19c409a322d5aaf44ea97fa98b9d40
fade87adb180b7d137c67f5c200574f11fb934a71d95b591eb40a26539a1e769
fb15a361cf90d50dbe21e8aa9954fd975626f31ccc553211a3e8e10c7c6eba0a
fb18c75ab2d93c5aad825e73bc41a0cb79b06c7e40d885d0e5e20be1897b1a15
fe8c807fe604e0973ce9d884a38c9b3cbd0b49ef8350cbff9a09b8e6d6ac2936
fece26c018b63bf148b9c071d9e4897b8a0545c916cc78969d46468c3ea25787
ff535c6447e0d934bdd94ce01c356199eba4279215a111de0896895c20715fab
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

hellsparadise.fr Open in urlscan Pro 2606:4700:3036::6815:4bf5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

245 Requests

88 %HTTPS

90 %IPv6

15 Domains

21 Subdomains

22 IPs

4 Countries

6806 kBTransfer

14889 kBSize

7 Cookies

4 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hellsparadise.fr Open in urlscan Pro
2606:4700:3036::6815:4bf5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

88 %
HTTPS

90 %
IPv6

15
Domains

21
Subdomains

22
IPs

4
Countries

6806 kB
Transfer

14889 kB
Size

7
Cookies

245 HTTP transactions
18 data transactions