tarifs-poste.net Open in urlscan Pro
213.186.33.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tarifs-poste.net/
Submission: On October 24 via automatic, source certstream-suspicious (October 24th 2021, 9:13:22 am UTC) — Scanned from DE

Summary HTTP 74 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 74 HTTP transactions. The main IP is 213.186.33.18, located in France and belongs to OVH, FR. The main domain is tarifs-poste.net.
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.

This is the only time tarifs-poste.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	213.186.33.18 213.186.33.18	16276 (OVH) (OVH)
2	195.15.226.243 195.15.226.243	29222 (INFOMANIA...) (INFOMANIAK-AS)
8	104.21.32.175 104.21.32.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 6	172.217.16.132 172.217.16.132	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
14	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
74	15

17 213.186.33.18 (France)

ASN16276 (OVH, FR)
PTR: cluster007.ovh.net

tarifs-poste.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.15.226.243 (Switzerland)

ASN29222 (INFOMANIAK-AS, CH)
PTR: ov-830e39.ch2.infomaniak.ch

traffics.qilink.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.32.175 (United States)

ASN13335 (CLOUDFLARENET, US)

cmp.uniconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge.uniconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cmp.uniconsent.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	317 KB
17	tarifs-poste.net tarifs-poste.net	149 KB
8	uniconsent.com cmp.uniconsent.com edge.uniconsent.com	157 KB
7	google.com 1 redirects www.google.com adservice.google.com	38 KB
6	doubleclick.net googleads.g.doubleclick.net	44 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	329 KB
2	consensu.org cmp.uniconsent.mgr.consensu.org	608 B
2	google-analytics.com www.google-analytics.com	20 KB
2	qilink.dev traffics.qilink.dev	65 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	googleadservices.com partner.googleadservices.com	610 B
74	11

	Domain	Requested by
17	tarifs-poste.net	tarifs-poste.net
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com tarifs-poste.net googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	tarifs-poste.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com tarifs-poste.net googleads.g.doubleclick.net
6	www.google.com	1 redirects tarifs-poste.net www.gstatic.com www.google.com tpc.googlesyndication.com
6	cmp.uniconsent.com	tarifs-poste.net cmp.uniconsent.mgr.consensu.org cmp.uniconsent.com
4	www.gstatic.com	www.google.com www.gstatic.com
2	fonts.gstatic.com	www.google.com
2	edge.uniconsent.com	cmp.uniconsent.com
2	cmp.uniconsent.mgr.consensu.org	cmp.uniconsent.com
2	www.google-analytics.com	tarifs-poste.net www.google-analytics.com
2	traffics.qilink.dev	tarifs-poste.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
74	15

This site contains links to these domains. Also see Links.

Domain
www.laposte.net
akismet.com
www.tarifs-poste.net
www.facebook.com
twitter.com
www.csuivi.courrier.laposte.fr
www.colissimo.fr
timbres.laposte.fr

Subject Issuer	Validity	Valid
tarifs-poste.net R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
traffics.qilink.dev R3	`2021-09-02` - `2021-12-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cmp.uniconsent.mgr.consensu.org R3	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://tarifs-poste.net/
Frame ID: D8885AF0388433FE17A70DC0CEA9E689
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 6D9347654E6465D562C55E4E2E29FF10
Requests: 1 HTTP requests in this frame

Frame: https://cmp.uniconsent.mgr.consensu.org/portal.html
Frame ID: 1B1DE1176854C4BE6FF2321E6B00C7B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&co=aHR0cHM6Ly90YXJpZnMtcG9zdGUubmV0OjQ0Mw..&hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=y9ahpchlo9ej
Frame ID: 7DB38291594C8AEBA50872F9C7FF288A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&h=600&slotname=7138790397&adk=23912972&adf=3360549415&pi=t.ma~as.7138790397&w=280&fwrn=4&fwrnh=100&lmt=1635066798&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Ftarifs-poste.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=4&bdt=479&idt=100&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=1909066784861&frm=20&pv=2&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1080&ady=668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qqrXWErHWq&p=https%3A//tarifs-poste.net&dtd=619
Frame ID: A177B172DF893E0CB629F30A2461E508
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&adk=1812271804&adf=3025194257&lmt=1635066798&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftarifs-poste.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=1&bdt=479&idt=103&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=280x600&nras=1&correlator=1909066784861&frm=20&pv=1&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=631
Frame ID: AA6BB0690CEA8A18AB69CC35CAD2B531
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0243E8D406F6EB7A1C6F0B138C441531
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7D5B6E2FBC7C479695758406EEBD2B2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html
Frame ID: 9639052244D986E7E0931B1DDAE98C53
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C7XV0riN1Ydv_BIyf-gbOg4OQCqqs_Jpl_JTcwf4N2tkeEAEgq7i-GmDJBqABtIuBpAPIAQmpAiyJ0uIhIqs-qAMByANIqgTIAU_QfTGTMBRW26nkFCnjN64JdNR7RflBGP209xLcPd4gr7If9VbvP30cGoPhQJ-eAYUtUGHg5Fo7whwpUnVwSJRJWDLAAgJpYrkN-qjONUfyonUNoSVM6AcuEluKx5xBjlFYRq357W-Ynjzfpf2amxtjwEm6Pcy2G7fQ9MjhRAxBb5ENzAaLocKbwMWrjojXilrt5IUEAXhafc1tr_uB5FuqHA6ZgnNSNInVJIb6-goNBP3_0EPHASDu7HQgT3qWDivcr1f1s9QqwASTwtj30gOSBQQIBBgBkgUECAUYBKAGLoAHtPT-W6gH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAfVyRuoB6a-G9gHAPIHBBCEph7SCAkIgOGAYBABGF-ACgHICwHYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItMzE5ODI2OTUwNjA0OTczNRgA&sigh=ZsTbcT-mpJo&uach_m=[UACH]&template_id=419
Frame ID: FB34EFF3592DE96ACB2FD850A556F0C6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0C0F7A8146A3888093D0B8C358EAA3B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tarifs postaux 2018 - Colis, Timbres, Enveloppes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Uniconsent (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cmp\.uniconsent\.mgr\.consensu\.org/dfp\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

74
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

1156 kB
Transfer

3034 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.laposte.net/
Title: www.laposte.net

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: En savoir plus sur comment les données de vos commentaires sont utilisées

Search URL Search Domain Scan URL

URL: http://www.tarifs-poste.net/machine-a-affranchir/
Title: Avantages / Inconvénients / Tarifs. Documentation complète entreprises

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Tarifs-lapostecom/307018632807393?ref=tn_tnmn

Search URL Search Domain Scan URL

URL: https://twitter.com/tarifs_postaux

Search URL Search Domain Scan URL

URL: http://www.csuivi.courrier.laposte.fr/suivi/
Title: Suivi courrier

Search URL Search Domain Scan URL

URL: http://www.colissimo.fr/particuliers/home.jsp/
Title: Suivi et informations Colissimo

Search URL Search Domain Scan URL

URL: http://timbres.laposte.fr/?Source=LPNET/
Title: Achat Timbres, lettres et Enveloppes

Search URL Search Domain Scan URL

URL: http://www.tarifs-poste.net/tarifs-pdf
Title: LES TARIFS POSTAUX DE 2017

Search URL Search Domain Scan URL

URL: http://www.tarifs-poste.net/
Title: Tarifs-Poste.net

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tarifs-poste.net/ 46 KB
12 KB 76ms
19ms Document
text/html 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache / PHP/7.3
Resource Hash: e190e47baea80bf6854ec4ed36b888c09ba0f1b90fded6e0056e2231672b64ba

Request headers

:method: GET
:authority: tarifs-poste.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
accept-ranges: none
content-encoding: gzip

GET
H2 200 calls.js Show response
traffics.qilink.dev/ 224 KB
49 KB 227ms
41ms Script
application/javascript 195.15.226.243
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://traffics.qilink.dev/calls.js

Requested by

Host: tarifs-poste.net
URL: https://tarifs-poste.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.15.226.243 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

ov-830e39.ch2.infomaniak.ch

Software

nginx /

Resource Hash

8b4daa8aff5bfca98eaa10698b2d1a0af5894450bafba0edba5ae1070c158882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 15:10:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"616edfd1-37fa4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 69a3449348.cmp.js Show response
cmp.uniconsent.com/t/ 217 KB
60 KB 216ms
30ms Script
application/javascript 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92db64e30bac85b3ecb8381880c8096c833d4441803c589ce1d4aaa8bd37889c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82674
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 17 Aug 2020 11:02:14 GMT
server: cloudflare
etag: W/"e504cbbb195e73a8511e61ed4e73e0ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEZmWxcQ1%2B6nIRAQlFeeyMnS98TylPuMGjYjkmlagdF84Hak6xkK3r7iiSwNEnxONCCVAsglhh4aq6Ks%2B%2BCVpEhCmYvf2HJ4KjNXOXeDU7kgrKZHf15JKlguZjZx3CyDjfrF3fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6a32169a4bfb4132-PRG

GET
H2 200 style.min.css
tarifs-poste.net/wp-includes/css/dist/block-library/ 29 KB
5 KB 18ms
17ms Stylesheet
text/css 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-includes/css/dist/block-library/style.min.css?ver=5.2.12
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.2.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 20:51:50 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: none
content-length: 4788
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 styles.css
tarifs-poste.net/wp-content/plugins/contact-form-7/includes/css/ 2 KB
861 B 18ms
17ms Stylesheet
text/css 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:42 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: none
content-length: 649
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 gspm-styles.css
tarifs-poste.net/wp-content/plugins/genesis-social-profiles-menu/css/ 53 KB
5 KB 19ms
18ms Stylesheet
text/css 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/plugins/genesis-social-profiles-menu/css/gspm-styles.css?ver=1.2
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 90d449ff0d1af5a3bd7392d21f88fa8a635b0e4bc21830084468c457e10ba2e9

Request headers

:path: /wp-content/plugins/genesis-social-profiles-menu/css/gspm-styles.css?ver=1.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:37 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: none
content-length: 5269
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 social_widget.css
tarifs-poste.net/wp-content/plugins/social-media-widget/ 2 KB
717 B 17ms
16ms Stylesheet
text/css 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/plugins/social-media-widget/social_widget.css?ver=5.2.12
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: e59dd93adb670656d3323a3b3bf614209cdd9916dd9ac1acea5fed28a866f0a1

Request headers

:path: /wp-content/plugins/social-media-widget/social_widget.css?ver=5.2.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: none
content-length: 505
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 comments.min.css
tarifs-poste.net/wp-content/themes/generatepress/assets/css/components/ 1 KB
771 B 19ms
18ms Stylesheet
text/css 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.0.3
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 326a1baeca01332481ac55e0b846800dba72ca04e5861349d3a89f6a3f57ab68

Request headers

:path: /wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:51 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: none
content-length: 559
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 main.min.css
tarifs-poste.net/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 18ms
17ms Stylesheet
text/css 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.3
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69

Request headers

:path: /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:51 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: none
content-length: 4643
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 jquery.js Show response
tarifs-poste.net/wp-includes/js/jquery/ 95 KB
33 KB 31ms
31ms Script
application/javascript 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Mon, 11 May 2020 18:43:38 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: none
content-length: 33776
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
tarifs-poste.net/wp-includes/js/jquery/ 10 KB
4 KB 18ms
17ms Script
application/javascript 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:16 GMT
content-encoding: gzip
last-modified: Mon, 11 May 2020 18:43:38 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: none
content-length: 4014
expires: Sun, 24 Oct 2021 09:28:16 GMT

GET
H2 200 tarifs-la-poste-300x288.png
tarifs-poste.net/wp-content/uploads/2014/07/ 71 KB
72 KB 17ms
17ms Image
image/png 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tarifs-poste.net/wp-content/uploads/2014/07/tarifs-la-poste-300x288.png
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: d02c9d16fecc90c9c95f062a05bc3a2fa809933fc98e795f863fb739be409f5a

Request headers

:path: /wp-content/uploads/2014/07/tarifs-la-poste-300x288.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
last-modified: Sun, 27 Jun 2021 20:58:54 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 73213
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 102ms
61ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tarifs-poste.net
URL: https://tarifs-poste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4daf059f2f03ff041be3bc175348bee5fd83a13a181083eb9e2c92eff2d3f814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51406
x-xss-protection: 0
server: cafe
etag: 14441330762964714011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Oct 2021 09:13:17 GMT

GET
H2 200 facebook.png
tarifs-poste.net/wp-content/plugins/social-media-widget/images/default/32/ 634 B
813 B 17ms
17ms Image
image/png 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tarifs-poste.net/wp-content/plugins/social-media-widget/images/default/32/facebook.png
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 81480cebe2ddeedde1af2e2a6f9eab352094abd78c75464705be2bcbb6e91b54

Request headers

:path: /wp-content/plugins/social-media-widget/images/default/32/facebook.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
last-modified: Sun, 27 Jun 2021 20:58:44 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 634
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 twitter.png
tarifs-poste.net/wp-content/plugins/social-media-widget/images/default/32/ 877 B
1 KB 18ms
17ms Image
image/png 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tarifs-poste.net/wp-content/plugins/social-media-widget/images/default/32/twitter.png
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 0e2160fefe0b02729a87a03ef7f21fe2003b7054a7bbb5c11011c11a51a4156f

Request headers

:path: /wp-content/plugins/social-media-widget/images/default/32/twitter.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
last-modified: Sun, 27 Jun 2021 20:58:44 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 877
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 scripts.js Show response
tarifs-poste.net/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 17ms
17ms Script
application/javascript 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:42 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: none
content-length: 3993
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
969 B 63ms
28ms Script
text/javascript 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&ver=3.0

Requested by

Host: tarifs-poste.net
URL: https://tarifs-poste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f132.1e100.net

Software

GSE /

Resource Hash

5a8405d546e6e3fc0632eaf19c6e8efa7cc45acf8ff40e0226dc67017d6ddb16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 585
x-xss-protection: 1; mode=block
expires: Sun, 24 Oct 2021 09:13:17 GMT

GET
H2 200 main.min.js Show response
tarifs-poste.net/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 17ms
17ms Script
application/javascript 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.3
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

:path: /wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:51 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: none
content-length: 1765
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 comment-reply.min.js Show response
tarifs-poste.net/wp-includes/js/ 2 KB
1 KB 17ms
16ms Script
application/javascript 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-includes/js/comment-reply.min.js?ver=5.2.12
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: aeb40c559d97e7bbb79841388a3b9a371c1d23ad07f69499ffd0f4625c35ec61

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.2.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 20:51:50 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: none
content-length: 1044
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 wp-embed.min.js Show response
tarifs-poste.net/wp-includes/js/ 1 KB
961 B 17ms
16ms Script
application/javascript 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-includes/js/wp-embed.min.js?ver=5.2.12
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.2.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 20:51:50 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: none
content-length: 739
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 form.js Show response
tarifs-poste.net/wp-content/plugins/akismet/_inc/ 700 B
540 B 18ms
17ms Script
application/javascript 213.186.33.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tarifs-poste.net/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by: Host: tarifs-poste.net
URL: https://tarifs-poste.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.186.33.18 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster007.ovh.net
Software: Apache /
Resource Hash: 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

:path: /wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tarifs-poste.net
referer: https://tarifs-poste.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
last-modified: Sun, 27 Jun 2021 20:58:41 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: none
content-length: 318
expires: Sun, 24 Oct 2021 09:28:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tarifs-poste.net
URL: https://tarifs-poste.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4363
date: Sun, 24 Oct 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sun, 24 Oct 2021 10:00:34 GMT

GET
H2 200 dfp.js Show response
cmp.uniconsent.mgr.consensu.org/ 140 B
356 B 46ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.mgr.consensu.org/dfp.js
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baae017ded2089d8c6173a41598210e58dc9d501966fa06916e92080cdba8623

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 15:13:23 GMT
server: AmazonS3
etag: "b590bb023f189f4af7c50dc2454950d2"
x-cache-status: HIT
x-hw: 1635066797.cds143.fr8.hn,1635066797.cds240.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 141

GET
H2 200 / Show response
edge.uniconsent.com/json/ 61 B
703 B 106ms
59ms Fetch
application/json 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.uniconsent.com/json/
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8f736fd8656a82c60b4d5e4a1f5c8a0d419617a899fcd3e19661c548d79359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkRRNKJfinc%2BqEfwifd%2F5H2EflX3MWw1XE1DXC8FU%2BYhhRbIuZRD6FpuNPC214Uo7qOWAmAW67fNUiP1jqwB0F2N8%2FKi0TUqt2M9qVAxznPPjhl5wMTe2WEjr0ZYw4Gji9eMuYOx"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a32169bad90411a-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ 346 KB
136 KB 29ms
6ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tarifs-poste.net/
Origin: https://tarifs-poste.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 08:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 138388
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 04:02:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Mon, 24 Oct 2022 08:32:13 GMT

GET
H2 200 number.png
traffics.qilink.dev/svg/ 16 KB
16 KB 21ms
21ms Image
image/png 195.15.226.243
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://traffics.qilink.dev/svg/number.png

Requested by

Host: tarifs-poste.net
URL: https://tarifs-poste.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.15.226.243 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

ov-830e39.ch2.infomaniak.ch

Software

nginx /

Resource Hash

86a53971f88332ec9d0cfd55bd5b68b8844e1ce4cf1de31ad4bcad77998aabcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 31 Jul 2021 22:11:14 GMT
server: nginx
etag: "6105ca82-3e8e"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-length: 16014
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 15ms
14ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=144818564&t=pageview&_s=1&dl=https%3A%2F%2Ftarifs-poste.net%2F&ul=en-us&de=UTF-8&dt=Tarifs%20postaux%202018%20-%20Colis%2C%20Timbres%2C%20Enveloppes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=243912981&gjid=1654237641&cid=1313271432.1635066797&tid=UA-52888171-1&_gid=81913543.1635066797&_r=1&_slc=1&z=1231938484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tarifs-poste.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 09:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tarifs-poste.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ 270 KB
97 KB 45ms
44ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js?bust=31063253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

399bd440cb9d9711f7a5e6128fcdc6a7fa168eeccff34275c18f7f66721fec27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 98991
x-xss-protection: 0
server: cafe
etag: 2724526229157959626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Oct 2021 09:13:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 6D93 10 KB
5 KB 29ms
7ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211020/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tarifs-poste.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 24 Oct 2021 04:50:41 GMT
expires: Sun, 07 Nov 2021 04:50:41 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 15756
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 portal.html Show response
cmp.uniconsent.mgr.consensu.org/ Frame 1B1D 127 B
252 B 10ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.mgr.consensu.org/portal.html
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49ec7b13f003a340377fc0fb6f87a7ce7ed09e56b4bc1f42a9f5842e3074fff2

Request headers

:method: GET
:authority: cmp.uniconsent.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tarifs-poste.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
content-length: 117
content-type: text/html
last-modified: Sun, 01 Dec 2019 21:29:17 GMT
accept-ranges: bytes
etag: "c053c3a03192c2c34206e1c0bf32201e"
cache-control: max-age=86400
x-cache-status: MISS
server: AmazonS3
access-control-allow-origin: *
x-hw: 1635066797.cds143.fr8.hn,1635066797.cds273.fr8.c

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7DB3 39 KB
20 KB 46ms
29ms Document
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&co=aHR0cHM6Ly90YXJpZnMtcG9zdGUubmV0OjQ0Mw..&hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=y9ahpchlo9ej

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f132.1e100.net

Software

GSE /

Resource Hash

9210354f887aca8ef655e21ffb689c226af2735682b9a60eb8393fdb4c051d6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lx5Zjc1xiEWu12HEl34wCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&co=aHR0cHM6Ly90YXJpZnMtcG9zdGUubmV0OjQ0Mw..&hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=y9ahpchlo9ej
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tarifs-poste.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Oct 2021 09:13:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-Lx5Zjc1xiEWu12HEl34wCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20239
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 portal.js Show response
cmp.uniconsent.com/ Frame 1B1D 108 KB
35 KB 45ms
27ms Script
application/javascript 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/portal.js
Requested by: Host: cmp.uniconsent.mgr.consensu.org
URL: https://cmp.uniconsent.mgr.consensu.org/portal.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c5418498df41ef9498010d8a3b380ef6d6d4d9fea093869bf3973a3162cc9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.uniconsent.mgr.consensu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84570
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 17 Aug 2020 11:12:40 GMT
server: cloudflare
etag: W/"26924414e1b871465aad5c90b1449244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKmcUIGrEDMGajE6qMhvbc%2BmsVOvigSYoEv0aSeRHMWSZVZhye0sMheaEAakT%2BOyfonjXwoo%2B1IgHBdI3rcTH%2B2a6DkQDle28uald1j1S%2B06jp1gUFniW2A%2B0rHgseSgFxTmOzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6a32169cab3d4107-PRG

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ Frame 7DB3 52 KB
25 KB 20ms
7ms Stylesheet
text/css 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&co=aHR0cHM6Ly90YXJpZnMtcG9zdGUubmV0OjQ0Mw..&hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=y9ahpchlo9ej

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25743
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 04:02:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 22 Oct 2022 17:09:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ Frame 7DB3 346 KB
135 KB 24ms
11ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 08:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 138388
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 04:02:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Mon, 24 Oct 2022 08:32:13 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7DB3 2 KB
2 KB 7ms
6ms Image
image/png 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
age: 158104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Fri, 29 Oct 2021 13:18:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7DB3 15 KB
16 KB 33ms
10ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 268282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 06:41:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7DB3 15 KB
15 KB 37ms
15ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 218472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 20:32:05 GMT

GET
H3 200 iab_tcf_v1_vendorlist.json Show response
cmp.uniconsent.com/v1/ Frame 1B1D 4 KB
2 KB 86ms
62ms Fetch
application/json 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v1/iab_tcf_v1_vendorlist.json
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/portal.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bb424832db8019f3c9e5d896bc25ecf49d1d310974280dffe867929cf30922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.uniconsent.mgr.consensu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 17 Aug 2020 11:00:50 GMT
server: cloudflare
etag: W/"41435bb3d9b4e2d468843ab96066a808"
x-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfwuI33QpxydH82f5C4aUrQcEUFwyyZ8WMu25KyaP0WCw6oXsOo20jXeFTZCz%2BJzmaA%2BV2LKAMi56E6iWIjKru1vb2BleDxyEOZVNiy9wlMUsziOsF0HPkbsm0ZtlvHUiPYiDHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a32169d991127c0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7DB3 102 B
133 B 17ms
17ms Other
text/javascript 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f132.1e100.net

Software

GSE /

Resource Hash

0792da4bfcee2d42d77ce9822fd71f13efa4fb92e556add6891a95545313567a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&co=aHR0cHM6Ly90YXJpZnMtcG9zdGUubmV0OjQ0Mw..&hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=y9ahpchlo9ej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Sun, 24 Oct 2021 09:13:17 GMT

GET
H3 200 iab_tcf_v1_vendorlist.json Show response
cmp.uniconsent.com/v1/ 4 KB
2 KB 59ms
59ms Fetch
application/json 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v1/iab_tcf_v1_vendorlist.json
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bb424832db8019f3c9e5d896bc25ecf49d1d310974280dffe867929cf30922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 17 Aug 2020 11:00:50 GMT
server: cloudflare
etag: W/"41435bb3d9b4e2d468843ab96066a808"
x-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMHmfQR3cx5jrgH%2BQf2xYSF8Ou8BZ89dEU77z9xA8JY%2FekNtJPQrzhsbai1rf9YS%2FhHSooAyo9U4%2Bo4D6InxOfyB76jtrO%2FGIY%2BgqcKmU3UZQsDTbStYfliJtxHc%2B3RJSEAkXnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a32169e1a2f27c0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7DB3 29 KB
16 KB 48ms
48ms XHR
application/json 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f132.1e100.net

Software

GSE /

Resource Hash

42e242b100cba6eb0728de004d296ee4484a888b576356ff13459c1bed5222b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4uLsUAAAAAGvXYwmO90mtY_TcXIECMm0_trjT&co=aHR0cHM6Ly90YXJpZnMtcG9zdGUubmV0OjQ0Mw..&hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=y9ahpchlo9ej
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16396
x-xss-protection: 1; mode=block
expires: Sun, 24 Oct 2021 09:13:17 GMT

GET
H3 200 ui.js Show response
cmp.uniconsent.com/t/ 142 KB
46 KB 31ms
30ms Script
application/javascript 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/t/ui.js
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4ad13d697ce166f79fed05f8e2df4663a4dea9517b4fa2e41c9282fb155087

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84570
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 10 Oct 2021 21:12:46 GMT
server: cloudflare
etag: W/"664424e8cafd9f030365b86a9efbaf1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umSvRNCiIOmowz6g7tI1mK0iAq%2F4CcIWEPltHCXV10RlRhxz9fG5uA190xcNAnOg786R6WB1Tmo4eHg6Fyq2pbbHspQ8lAPe2tlkobkDzyTrOcqbtWp%2FLR4JjVXKD%2BsZj0aJVVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6a32169e8e134107-PRG

GET
H3 200 comps.js Show response
cmp.uniconsent.com/t/ 55 KB
11 KB 23ms
23ms Script
application/javascript 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/t/comps.js
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7d83a57048ff2532935b7475428c821c210d597298cf99daff432d2089a5aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84569
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 10 Oct 2021 21:12:45 GMT
server: cloudflare
etag: W/"0a6d44b89506c1da7da5cacb890d52f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4KOzFsgAYZL14e8UkX0oOG6GukgYdbtUt3FSifBt4Y%2FC48ELrRImrtsoZo5vObrZuxrOdhZcd0%2FCJZLIH07i%2BuLIVpVElQjvEtkg3xBmtsxk0owSXHNAUXkBKu73JiUNoaTg%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6a32169eee844107-PRG

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
610 B 38ms
16ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tarifs-poste.net&callback=_gfp_s_&client=ca-pub-3198269506049735

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js?bust=31063253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

8217b95a95e7a97ca54d847bacadbd124194fea3838010aa1b543734d352fc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 58ms
22ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tarifs-poste.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js?bust=31063253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 09:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A177 124 KB
38 KB 799ms
785ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&h=600&slotname=7138790397&adk=23912972&adf=3360549415&pi=t.ma~as.7138790397&w=280&fwrn=4&fwrnh=100&lmt=1635066798&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Ftarifs-poste.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=4&bdt=479&idt=100&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=1909066784861&frm=20&pv=2&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1080&ady=668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qqrXWErHWq&p=https%3A//tarifs-poste.net&dtd=619

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js?bust=31063253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f5f648b8b6109e8100f80b49ed0407174183c513139ec1d248e880f3e512d71f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuOvL3a4vMCFYyP3godzsEAog&gqi=riN1YZy6BK3L7_UPoumSqAg&layout=/sadbundle/%24csp%253Der3%24/829307892173126318/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&h=600&slotname=7138790397&adk=23912972&adf=3360549415&pi=t.ma~as.7138790397&w=280&fwrn=4&fwrnh=100&lmt=1635066798&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Ftarifs-poste.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=4&bdt=479&idt=100&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=1909066784861&frm=20&pv=2&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1080&ady=668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qqrXWErHWq&p=https%3A//tarifs-poste.net&dtd=619
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tarifs-poste.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuOvL3a4vMCFYyP3godzsEAog&gqi=riN1YZy6BK3L7_UPoumSqAg&layout=/sadbundle/%24csp%253Der3%24/829307892173126318/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 24 Oct 2021 09:13:18 GMT
server: cafe
content-length: 39154
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 09:28:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sun, 24 Oct 2021 09:13:18 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 53ms
29ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js?bust=31063253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

94fd7f58cc5e8b228b1857335daf734fa0ec8c0f1132395a59ecd2d9688f342c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 09:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8490
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftarifs-poste.net%2F&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 09:13:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA6B 0
19 B 105ms
100ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&adk=1812271804&adf=3025194257&lmt=1635066798&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftarifs-poste.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=1&bdt=479&idt=103&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=280x600&nras=1&correlator=1909066784861&frm=20&pv=1&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=631

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js?bust=31063253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&adk=1812271804&adf=3025194257&lmt=1635066798&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftarifs-poste.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=1&bdt=479&idt=103&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=280x600&nras=1&correlator=1909066784861&frm=20&pv=1&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=631
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tarifs-poste.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 24 Oct 2021 09:13:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 09:28:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sun, 24 Oct 2021 09:13:18 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
28ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js?bust=31063253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 24 Oct 2021 09:13:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0243 12 KB
5 KB 22ms
6ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tarifs-poste.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 24 Oct 2021 08:35:51 GMT
expires: Mon, 24 Oct 2022 08:35:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B7D5 783 B
536 B 19ms
19ms Document
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f132.1e100.net

Software

GSE /

Resource Hash

9be756d418b3de4cdec32c0c9787f2dd096125c7ba037ece71a2b94d4d3a4db5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-haOY5JyKRxiSJxSPSRGWIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tarifs-poste.net/
accept-encoding: gzip, deflate, br
cookie: _GRECAPTCHA=09AINsHFcXvcX4mnqlkiVH4ccJiXjw5lxGH_5j7nwRzEAFzSoTjo9oAC-hLBx172WhdQoachKq2iLaZ48KPAgHmIs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 24 Oct 2021 09:13:18 GMT
date: Sun, 24 Oct 2021 09:13:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-haOY5JyKRxiSJxSPSRGWIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B7D5 0
0 37ms
37ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=1641022289962928&rc=05AINsHFcmgJWqYs_LbGOtUttho60E5vWTGmpD1nEBAcpfj0k9Wv2dcluCR5LiFG7jYpsIy_0h_WweaztKKGWYzLCt9kI7hvXFOm7RuR8sZHNoJMUhWX3ATdMe3h84lsD6EamCpiIvghASD_EOkbp7V66vwAD9PLmrmsipdKd8ArtHHoi-Lp6hgbxJ7dCXYSYQBQj4ZyD75jmzMharJYbvKOvqngKNjV7UBoYLu3lbsuLB2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 0243 35 KB
13 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 00:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 22 Oct 2022 00:10:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
51ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=1641022289962928&bg=!ExClEFTNAAbUs_yW1LM7ACkAdvg8Wi-EHFnLdbgSQG1MI3yH9tlZ5gjU8KfwfTvRYmIcmlHm9-C9VgIAAABxUgAAAAdoAQeZArK65_A7DWy93UIA2JHqa6WdGRDzxCxD1A3rdTPXsBH1sXjyOkRrfMgVAJTDs-07WG-HU-dOt1lF6oocsMlRzyxFcu6LhG1R039ZWPQS4ACsV3u62K0ngqyLzw5sWbIHIDfrsSzRc_R4iDqxxoOGvIPTdqjqeFTTzaI_DlXAaOaldIG2plooaggn46M9S5VTE6e-Sasxik1Qm6HTxe7KCZpCbp1FHYvxG-GK-1jwU44YxHLOIRmYvMawUX7bcN6r02cVt09NTXcEIou3GzRV7WuarAeeJmUkdX_ixGhSCNt_PX3xQxHsFo_0coQ87Uf0OUMM7vjs__IdFY-X4BauhI_Rxtc_b7gfh8sZ3a5TzvUSyFqkwpohciv_0OtQOkYNRpFu9Wk9FSc-Okc3rGM63omwCX9K2JltV_fH8BE4oJnKVPwpYe20KHURw4UNZUrFx4pGWeu2nqnQR9vk4cR5L7oFL9Co0fbXlR5kzpI-5HXyOgTslUOahhImwaF5i-GkyYgTGD1EomxlFtlfNQj5qKEyGjlN0FEFAyyKb2564XnOJpZ2i52E1UMizABoARvffxPq6Gsr4l1o8yQEnJzrPXL8HTnSqcDdToYUuOHhCVk3hWH7p-MrVleL159bCXqj7N7cnXhnseCBvLqfyKhhNioeWJLHso3dh8U_LicqiFG6ho-q0bGb9-Wdfd3Q_Tt6BBw1iBCiq0zNMmfxLcgKooFfhcofVYSB_S3MzcaYuEDbHvFPDqCwK0JxEgkLXrIJJB__NEtJ-eK0r_Z3oYX9Khb-MSw93XyAqeFsuU1VmtRfn6zSUEwLDS_Kw2fpgpnHEo0z4Z69faMHhImSdqJgW1V-bl5qNH7yv7Feqbodx5mXkDD9uaawMuoWiuioXHpNgVsPRppi-vzQhqQOhfVswFElayk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 09:13:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 edge Show response
edge.uniconsent.com/ 0
570 B 59ms
59ms XHR
application/json 104.21.32.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.uniconsent.com/edge?v=1&data=W3siYXBwIjoiMTEiLCJ0aW1lc3RhbXAiOiIyMDIxLTEwLTI0VDA5OjEzOjE3WiIsImV2ZW50IjoidXNlci5pbml0IiwidXVpZCI6ImIwNDQ1NWE3LWE3ZTQtYjRiOC04YzY5LTE3N2I1Njg1NWQzYyIsImNpZCI6MCwia3YiOnsiZG9tYWluIjoidGFyaWZzLXBvc3RlLm5ldCJ9fSx7ImFwcCI6IjExIiwidGltZXN0YW1wIjoiMjAyMS0xMC0yNFQwOToxMzoxN1oiLCJldmVudCI6InVzZXIuaXN1cyIsInV1aWQiOiJiMDQ0NTVhNy1hN2U0LWI0YjgtOGM2OS0xNzdiNTY4NTVkM2MiLCJjaWQiOjAsImt2Ijp7ImRvbWFpbiI6InRhcmlmcy1wb3N0ZS5uZXQifX1d
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/t/69a3449348.cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.32.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tarifs-poste.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u59jtfNXrJQFRbK%2FU9NGa8x6p26vGsfjD2DzFhbyO23Z62GKwt6Zo%2FgHw1cMlP%2BCS1avizWGphaPfiXHF9drKIj%2Fk1pMVeg%2FAciQtbDRo8%2FoZs50dg6Jus4CtrPzmRV0kav%2B%2BCD5"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a3216a258f127c0-PRG
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/ Frame 9639 11 KB
3 KB 7ms
7ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Requested by

Host: tarifs-poste.net
URL: https://tarifs-poste.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

6110202a1818c8b2e8b9605a8914be0ca7dfcbe7b558f944bce45bd1d64fadb5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/829307892173126318/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 3352
date: Thu, 21 Oct 2021 13:41:33 GMT
expires: Fri, 21 Oct 2022 13:41:33 GMT
last-modified: Tue, 10 Aug 2021 20:42:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 243105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FB34 0
0 32ms
32ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7XV0riN1Ydv_BIyf-gbOg4OQCqqs_Jpl_JTcwf4N2tkeEAEgq7i-GmDJBqABtIuBpAPIAQmpAiyJ0uIhIqs-qAMByANIqgTIAU_QfTGTMBRW26nkFCnjN64JdNR7RflBGP209xLcPd4gr7If9VbvP30cGoPhQJ-eAYUtUGHg5Fo7whwpUnVwSJRJWDLAAgJpYrkN-qjONUfyonUNoSVM6AcuEluKx5xBjlFYRq357W-Ynjzfpf2amxtjwEm6Pcy2G7fQ9MjhRAxBb5ENzAaLocKbwMWrjojXilrt5IUEAXhafc1tr_uB5FuqHA6ZgnNSNInVJIb6-goNBP3_0EPHASDu7HQgT3qWDivcr1f1s9QqwASTwtj30gOSBQQIBBgBkgUECAUYBKAGLoAHtPT-W6gH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAfVyRuoB6a-G9gHAPIHBBCEph7SCAkIgOGAYBABGF-ACgHICwHYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItMzE5ODI2OTUwNjA0OTczNRgA&sigh=ZsTbcT-mpJo&uach_m=[UACH]&template_id=419

Requested by

Host: tarifs-poste.net
URL: https://tarifs-poste.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&h=600&slotname=7138790397&adk=23912972&adf=3360549415&pi=t.ma~as.7138790397&w=280&fwrn=4&fwrnh=100&lmt=1635066798&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Ftarifs-poste.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=4&bdt=479&idt=100&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=1909066784861&frm=20&pv=2&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1080&ady=668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qqrXWErHWq&p=https%3A//tarifs-poste.net&dtd=619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Oct 2021 09:13:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Oct 2021 09:13:18 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame FB34 18 KB
8 KB 7ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&h=600&slotname=7138790397&adk=23912972&adf=3360549415&pi=t.ma~as.7138790397&w=280&fwrn=4&fwrnh=100&lmt=1635066798&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Ftarifs-poste.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=4&bdt=479&idt=100&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=1909066784861&frm=20&pv=2&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1080&ady=668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qqrXWErHWq&p=https%3A//tarifs-poste.net&dtd=619

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 08:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 08:57:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame FB34 3 KB
1 KB 8ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 08:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 08:13:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB34 120 KB
37 KB 71ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 09:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 09:13:18 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame FB34 14 KB
6 KB 8ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 08:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 08:54:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C0F 143 B
163 B 6ms
6ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&h=600&slotname=7138790397&adk=23912972&adf=3360549415&pi=t.ma~as.7138790397&w=280&fwrn=4&fwrnh=100&lmt=1635066798&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Ftarifs-poste.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=4&bdt=479&idt=100&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=1909066784861&frm=20&pv=2&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1080&ady=668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qqrXWErHWq&p=https%3A//tarifs-poste.net&dtd=619
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3198269506049735&output=html&h=600&slotname=7138790397&adk=23912972&adf=3360549415&pi=t.ma~as.7138790397&w=280&fwrn=4&fwrnh=100&lmt=1635066798&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Ftarifs-poste.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635066797429&bpp=4&bdt=479&idt=100&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=1909066784861&frm=20&pv=2&ga_vid=1313271432.1635066797&ga_sid=1635066798&ga_hid=144818564&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1080&ady=668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750574%2C31062937%2C31062944%2C31063253&oid=2&pvsid=1641022289962928&pem=71&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qqrXWErHWq&p=https%3A//tarifs-poste.net&dtd=619

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 24 Oct 2021 08:37:39 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9639 9 KB
3 KB 7ms
6ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Oct 2021 13:46:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9639 26 KB
10 KB 7ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Oct 2021 13:46:49 GMT

GET
H3 200 3d3f008e41275bdda2159039319ccfee.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/ Frame 9639 71 KB
18 KB 8ms
8ms Script
application/x-javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/3d3f008e41275bdda2159039319ccfee.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

e5445bdde0b088b6a6ab9fbe5bf698eed797aa793c675a01de2da251f5bcb230

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 88047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18757
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 20:42:21 GMT
server: sffe
date: Sat, 23 Oct 2021 08:45:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Oct 2022 08:45:51 GMT

GET
H3 200 150b3ceb80c00c9258335025a6f58d30.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/ Frame 9639 65 KB
65 KB 8ms
8ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/150b3ceb80c00c9258335025a6f58d30.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

1ee8719d6f1e0d35955f1a0e82a72e543363987d69e5406c92f7edf0105a64a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 220144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 66576
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 20:42:21 GMT
server: sffe
date: Thu, 21 Oct 2021 20:04:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Oct 2022 20:04:14 GMT

GET
H3 200 e7737858b0846e286f2971edca237579.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/ Frame 9639 3 KB
3 KB 7ms
7ms Image
image/png 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/e7737858b0846e286f2971edca237579.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

7d0aa442c307772807f4156422f225c3b8514262e7152364469e947d40a004d3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 88047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2639
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 20:42:21 GMT
server: sffe
date: Sat, 23 Oct 2021 08:45:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Oct 2022 08:45:51 GMT

GET
H3 200 91eb9d489cc75d71497f45bd548c16dd.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/ Frame 9639 8 KB
2 KB 12ms
12ms Image
image/svg+xml 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/91eb9d489cc75d71497f45bd548c16dd.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

43c1a6411670cb9ca5d710d39d56c267a78a5acd565ea30e5b383ac0ca957cc3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 88047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2161
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 20:42:21 GMT
server: sffe
date: Sat, 23 Oct 2021 08:45:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Oct 2022 08:45:51 GMT

GET
H3 200 88cc48b74561308fab94aa6b4d4e423f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/ Frame 9639 6 KB
2 KB 11ms
11ms Image
image/svg+xml 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/88cc48b74561308fab94aa6b4d4e423f.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

4e4918e3848ee09cbfffaeacb7adb1b1403acaa575a2adebf1f51ec7933c4d66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 88047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2108
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 20:42:21 GMT
server: sffe
date: Sat, 23 Oct 2021 08:45:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Oct 2022 08:45:51 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C0F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

79ms
79ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnDe9SU2vCpUnkb7i8Lxg7x7cOQtE8RJAE156AQMKjxd6GAQYcjJQJruTKbrJY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 24 Oct 2021 09:13:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 24-Oct-2021 10:13:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sun, 24 Oct 2021 09:13:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 24 Oct 2021 09:13:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 9d3e70add8533fedc655a5dc999042f7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/ Frame 9639 2 KB
956 B 7ms
7ms Image
image/svg+xml 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/media/9d3e70add8533fedc655a5dc999042f7.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/829307892173126318/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

f01d0b8537d0845e8219ada9969c31c837ad7b87485c424e135397780d5fb73e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 88046
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 924
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 20:42:21 GMT
server: sffe
date: Sat, 23 Oct 2021 08:45:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Oct 2022 08:45:52 GMT

GET
H3 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 9639 35 KB
13 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 00:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 22 Oct 2022 00:10:55 GMT

GET
DATA 200
OK truncated
/ Frame FB34 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89b2dda8c90d7946b31a05011e70adcde68e0e763c825bc6d5f2793e606a0727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB34 42 B
64 B 51ms
51ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsZpyohhaMj2u5kAYoexeYq7wHtAK7f3IFT5KFW0wK0aM8fKrDPyqY4yzYYwXKNQ4YC-59e0pn72DpaZZXznCKsKrnh0e6MgV2A6fNvM8eEqRuXDveDQ&sai=AMfl-YRAaXRo93IikhA4LozbQl2Bs2ZPwXYQxoAIQ1Z1nK5uXkVCGr37pj7OWki1VgKmHyNlZy_1aYc2lQXv&sig=Cg0ArKJSzJYlKaGN12x0EAE&id=lidar2&mcvt=1001&p=0,0,560,280&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=2&adk=23912972&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635066798866&rpt=152&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 09:13:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 02:30:18	Name: _GRECAPTCHA Value: 09AINsHFcXvcX4mnqlkiVH4ccJiXjw5lxGH_5j7nwRzEAFzSoTjo9oAC-hLBx172WhdQoachKq2iLaZ48KPAgHmIs
.tarifs-poste.net/	1970-01-20 05:24:33	Name: __unic_uid Value: b04455a7-a7e4-b4b8-8c69-177b56855d3c
.tarifs-poste.net/	1970-01-20 15:42:18	Name: _ga Value: GA1.2.1313271432.1635066797
.tarifs-poste.net/	1970-01-19 22:12:33	Name: _gid Value: GA1.2.81913543.1635066797
.tarifs-poste.net/	1970-01-19 22:11:06	Name: _gat Value: 1
.tarifs-poste.net/	1970-01-19 22:54:18	Name: __unic_geo Value: us
.tarifs-poste.net/	1970-01-19 22:21:11	Name: __unic_npa Value: y
.tarifs-poste.net/	1970-01-20 07:32:42	Name: __gads Value: ID=0f750774d3d68438-22f067e3fdca000e:T=1635066798:RT=1635066798:S=ALNI_Mam-DhkVe4UoAOu_Y922QshPvayYw
.doubleclick.net/	1970-01-20 15:42:18	Name: IDE Value: AHWqTUnDe9SU2vCpUnkb7i8Lxg7x7cOQtE8RJAE156AQMKjxd6GAQYcjJQJruTKbrJY
.doubleclick.net/	1970-01-19 22:11:10	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cmp.uniconsent.com
cmp.uniconsent.mgr.consensu.org
edge.uniconsent.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tarifs-poste.net
tpc.googlesyndication.com
traffics.qilink.dev
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.21.32.175
142.250.185.130
142.250.185.131
142.250.185.162
142.250.185.194
142.250.185.225
142.250.185.78
142.250.186.163
142.250.186.66
151.139.128.11
172.217.16.132
172.217.23.98
195.15.226.243
213.186.33.18
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
0792da4bfcee2d42d77ce9822fd71f13efa4fb92e556add6891a95545313567a
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
0e2160fefe0b02729a87a03ef7f21fe2003b7054a7bbb5c11011c11a51a4156f
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ee8719d6f1e0d35955f1a0e82a72e543363987d69e5406c92f7edf0105a64a6
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
326a1baeca01332481ac55e0b846800dba72ca04e5861349d3a89f6a3f57ab68
399bd440cb9d9711f7a5e6128fcdc6a7fa168eeccff34275c18f7f66721fec27
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42e242b100cba6eb0728de004d296ee4484a888b576356ff13459c1bed5222b8
43c1a6411670cb9ca5d710d39d56c267a78a5acd565ea30e5b383ac0ca957cc3
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49ec7b13f003a340377fc0fb6f87a7ce7ed09e56b4bc1f42a9f5842e3074fff2
4daf059f2f03ff041be3bc175348bee5fd83a13a181083eb9e2c92eff2d3f814
4e4918e3848ee09cbfffaeacb7adb1b1403acaa575a2adebf1f51ec7933c4d66
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5a8405d546e6e3fc0632eaf19c6e8efa7cc45acf8ff40e0226dc67017d6ddb16
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6110202a1818c8b2e8b9605a8914be0ca7dfcbe7b558f944bce45bd1d64fadb5
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
7d0aa442c307772807f4156422f225c3b8514262e7152364469e947d40a004d3
81480cebe2ddeedde1af2e2a6f9eab352094abd78c75464705be2bcbb6e91b54
8217b95a95e7a97ca54d847bacadbd124194fea3838010aa1b543734d352fc34
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
86a53971f88332ec9d0cfd55bd5b68b8844e1ce4cf1de31ad4bcad77998aabcc
89b2dda8c90d7946b31a05011e70adcde68e0e763c825bc6d5f2793e606a0727
8b4daa8aff5bfca98eaa10698b2d1a0af5894450bafba0edba5ae1070c158882
8e4ad13d697ce166f79fed05f8e2df4663a4dea9517b4fa2e41c9282fb155087
90d449ff0d1af5a3bd7392d21f88fa8a635b0e4bc21830084468c457e10ba2e9
9210354f887aca8ef655e21ffb689c226af2735682b9a60eb8393fdb4c051d6b
92db64e30bac85b3ecb8381880c8096c833d4441803c589ce1d4aaa8bd37889c
94fd7f58cc5e8b228b1857335daf734fa0ec8c0f1132395a59ecd2d9688f342c
9be756d418b3de4cdec32c0c9787f2dd096125c7ba037ece71a2b94d4d3a4db5
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aeb40c559d97e7bbb79841388a3b9a371c1d23ad07f69499ffd0f4625c35ec61
b5bb424832db8019f3c9e5d896bc25ecf49d1d310974280dffe867929cf30922
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69
baae017ded2089d8c6173a41598210e58dc9d501966fa06916e92080cdba8623
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c6c5418498df41ef9498010d8a3b380ef6d6d4d9fea093869bf3973a3162cc9f
d02c9d16fecc90c9c95f062a05bc3a2fa809933fc98e795f863fb739be409f5a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
de7d83a57048ff2532935b7475428c821c210d597298cf99daff432d2089a5aa
e190e47baea80bf6854ec4ed36b888c09ba0f1b90fded6e0056e2231672b64ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5445bdde0b088b6a6ab9fbe5bf698eed797aa793c675a01de2da251f5bcb230
e59dd93adb670656d3323a3b3bf614209cdd9916dd9ac1acea5fed28a866f0a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f736fd8656a82c60b4d5e4a1f5c8a0d419617a899fcd3e19661c548d79359
f01d0b8537d0845e8219ada9969c31c837ad7b87485c424e135397780d5fb73e
f5f648b8b6109e8100f80b49ed0407174183c513139ec1d248e880f3e512d71f
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

tarifs-poste.net Open in urlscan Pro 213.186.33.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

100 %HTTPS

0 %IPv6

11 Domains

15 Subdomains

15 IPs

3 Countries

1156 kBTransfer

3034 kBSize

10 Cookies

10 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tarifs-poste.net Open in urlscan Pro
213.186.33.18 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

1156 kB
Transfer

3034 kB
Size

10
Cookies

74 HTTP transactions
1 data transactions