srv.lamarsuk5.eu Open in urlscan Pro
34.242.149.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.nl.lesbonnesaffaires.club/c/?t=7e75b71-4ii-!8zl-s5f-4f8x!
Effective URL:
http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Submission: On August 10 via manual (August 10th 2021, 8:24:40 am UTC) from FR

Summary HTTP 69 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 19 domains to perform 69 HTTP transactions. The main IP is 34.242.149.71, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is srv.lamarsuk5.eu.

This is the only time srv.lamarsuk5.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a05:71c0:200... 2a05:71c0:2000::e	34993 (ODISO-AS) (ODISO-AS)
1 14	34.242.149.71 34.242.149.71	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.98.78 143.204.98.78	16509 (AMAZON-02) (AMAZON-02)
1	52.218.121.218 52.218.121.218	16509 (AMAZON-02) (AMAZON-02)
4	54.155.104.31 54.155.104.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211e:6400:18:d10d:a940:93a1	16509 (AMAZON-02) (AMAZON-02)
1 7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
69	25

1 2a05:71c0:2000::e (France) 1 redirects

ASN34993 (ODISO-AS, FR)

t.nl.lesbonnesaffaires.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.242.149.71 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

srv.lamarsuk5.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-78.fra50.r.cloudfront.net

assets.etselonvous.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.121.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

natexo-p-static.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.155.104.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-104-31.eu-west-1.compute.amazonaws.com

d.natexo-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:6400:18:d10d:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.oniad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com fonts.gstatic.com www.gstatic.com	607 KB
14	lamarsuk5.eu 1 redirects srv.lamarsuk5.eu	49 KB
7	google.com 1 redirects www.google.com	42 KB
4	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
4	natexo-programmatic.com d.natexo-programmatic.com	178 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	36 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
3	oniad.com tag.oniad.com	27 KB
2	adform.net track.adform.net	1 KB
2	google.de www.google.de	172 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googleadservices.com www.googleadservices.com	15 KB
2	yimg.com s.yimg.com	7 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	googletagmanager.com www.googletagmanager.com	71 KB
1	taboola.com cdn.taboola.com	25 KB
1	amazonaws.com natexo-p-static.s3-eu-west-1.amazonaws.com	8 KB
1	etselonvous.com assets.etselonvous.com	4 KB
1	lesbonnesaffaires.club 1 redirects t.nl.lesbonnesaffaires.club	509 B
69	19

	Domain	Requested by
14	srv.lamarsuk5.eu	1 redirects srv.lamarsuk5.eu ajax.googleapis.com
9	www.gstatic.com	www.google.com www.gstatic.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	www.google.com	1 redirects srv.lamarsuk5.eu www.gstatic.com www.google.com
4	d.natexo-programmatic.com	srv.lamarsuk5.eu d.natexo-programmatic.com
3	tr.outbrain.com	amplify.outbrain.com srv.lamarsuk5.eu
3	tag.oniad.com	srv.lamarsuk5.eu tag.oniad.com
3	fonts.googleapis.com	srv.lamarsuk5.eu
2	track.adform.net	tag.oniad.com srv.lamarsuk5.eu
2	www.google.de	srv.lamarsuk5.eu
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.google-analytics.com	srv.lamarsuk5.eu www.google-analytics.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	s.yimg.com	srv.lamarsuk5.eu s.yimg.com
2	secure.adnxs.com	1 redirects srv.lamarsuk5.eu
2	www.googletagmanager.com	srv.lamarsuk5.eu
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.taboola.com	srv.lamarsuk5.eu
1	amplify.outbrain.com	srv.lamarsuk5.eu
1	ajax.googleapis.com	srv.lamarsuk5.eu
1	natexo-p-static.s3-eu-west-1.amazonaws.com	srv.lamarsuk5.eu
1	assets.etselonvous.com	srv.lamarsuk5.eu
1	t.nl.lesbonnesaffaires.club	1 redirects
69	23

This site contains links to these domains. Also see Links.

Domain
mon-comparateur.net
comparateur-en-ligne.fr
lesformations-cpf.com
publications.europa.eu

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.mafringue.fr Sectigo RSA Domain Validation Secure Server CA	`2021-06-03` - `2022-05-21`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
tag.oniad.com Amazon	`2021-04-16` - `2022-05-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2021-09-15`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh

This page contains 3 frames:

Primary Page: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Frame ID: 3CC63CB71AEB9F25CCFC77AC65BB768C
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&co=aHR0cDovL3Nydi5sYW1hcnN1azUuZXU6ODA.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&cb=d8s8jeigr5o1
Frame ID: 97A481B08C596C9A23F8A22A375042A5
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y
Frame ID: 83AEBA0E934665EFC60D32B191F71192
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.nl.lesbonnesaffaires.club/c/?t=7e75b71-4ii-!8zl-s5f-4f8x! HTTP 302
http://srv.lamarsuk5.eu/sv_fr_landparc_0721/?origin=13864&email=mnouar%40hauts-de-seine.fr&lastname=... HTTP 302
http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

69
Requests

67 %
HTTPS

62 %
IPv6

19
Domains

23
Subdomains

25
IPs

6
Countries

1094 kB
Transfer

2267 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://mon-comparateur.net/politique-de-confidentialite/
Title: politique de confidentalité.

Search URL Search Domain Scan URL

URL: https://comparateur-en-ligne.fr/politique-de-confidentialite/
Title: politique de confidentalité.

Search URL Search Domain Scan URL

URL: https://lesformations-cpf.com/mentions-legales/
Title: politique de confidentalité.

Search URL Search Domain Scan URL

URL: https://publications.europa.eu/fr/publication-detail/-/publication/57a11830-3866-44bf-a03a-0384f7b3d3d6/language-fr
Title: ici

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.nl.lesbonnesaffaires.club/c/?t=7e75b71-4ii-!8zl-s5f-4f8x! HTTP 302
http://srv.lamarsuk5.eu/sv_fr_landparc_0721/?origin=13864&email=mnouar%40hauts-de-seine.fr&lastname=Maikine&firstname=Maikine&zipcode=92200 HTTP 302
http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://secure.adnxs.com/px?id=1114422&seg=17940877&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1114422%26seg%3D17940877%26t%3D1

Request Chain 29

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&auid=1749801330.1628583863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=tzcSYfqwGa6e7_UPirusyAs&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&auid=1749801330.1628583863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tzcSYfqwGa6e7_UPirusyAs&cid=CAQSKQCNIrLMDCLG1MMU9zZ9ayJ46iXyDw_bim576oT_ec_EXFRPFIhxsMak&random=2711753640&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&auid=1749801330.1628583863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tzcSYfqwGa6e7_UPirusyAs&cid=CAQSKQCNIrLMDCLG1MMU9zZ9ayJ46iXyDw_bim576oT_ec_EXFRPFIhxsMak&random=2711753640&resp=GooglemKTybQhCsO&ipr=y

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request page Show response
srv.lamarsuk5.eu/sv_fr_landparc_0721/
Redirect Chain

https://t.nl.lesbonnesaffaires.club/c/?t=7e75b71-4ii-!8zl-s5f-4f8x!
http://srv.lamarsuk5.eu/sv_fr_landparc_0721/?origin=13864&email=mnouar%40hauts-de-seine.fr&lastname=Maikine&firstname=Maikine&zipcode=92200
http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

14 KB
5 KB

274ms
274ms

Document
text/html

34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e26308527244bd712ca8efc10824afd14f3866aad39b29581307e795a30ff7c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Host: srv.lamarsuk5.eu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Aug 2021 08:24:22 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 4982
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Aug 2021 08:24:22 GMT
Location: /sv_fr_landparc_0721/page
Server: Apache
Set-Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; path=/; HttpOnly srvNxoTrackip=82.102.18.114; expires=Fri, 09-Sep-2022 18:54:22 GMT; Max-Age=34165800; path=/; httponly
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
Content-Length: 344
Connection: keep-alive

GET
H/1.1 200
OK css
fonts.googleapis.com/ 752 B
883 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Droid+Sans:400,700

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b6f05ab9333e008cdd3168183413a77142093a239a1878449373600a5f87749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Aug 2021 08:22:22 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H/1.1 200
OK 5a15c34.css
srv.lamarsuk5.eu/css/ 27 KB
7 KB 44ms
43ms Stylesheet
text/css 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.lamarsuk5.eu/css/5a15c34.css

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5c2503c9e1cbd43590a0de4cdb66973449ce448c235f7af7097a1829c40deb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:35:25 GMT
Server: Apache
ETag: "6bf5-5c79ee3e60d3e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 6410

GET
H/1.1 200
OK a762b4f.css
srv.lamarsuk5.eu/css/ 8 KB
2 KB 88ms
74ms Stylesheet
text/css 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.lamarsuk5.eu/css/a762b4f.css

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

25d170aefee8884c311af33b873b7da51eb86d9f2a8d723c4f12736335af178d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:35:16 GMT
Server: Apache
ETag: "1e55-5c79ee35e8dbe-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 1704

GET
H/1.1 200
OK 6156c3a.css
srv.lamarsuk5.eu/css/ 7 KB
2 KB 74ms
60ms Stylesheet
text/css 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.lamarsuk5.eu/css/6156c3a.css

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0ac3d22afcc42e121ee15428dcacaf0729fbdbcf42afca41db06dfb619641525

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Jul 2021 11:51:12 GMT
Server: Apache
ETag: "1a6f-5c78cab9e21fa-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 1463

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-944206798

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5267ff0cf37bfeb79d99c398e7e7c6c99e1b17df68f868b7c52a029f7e14709e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H/1.1 200
OK logo.png
assets.etselonvous.com/SRV/FR/SURVEY15643/ 4 KB
4 KB 288ms
175ms Image
image/png 143.204.98.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.etselonvous.com/SRV/FR/SURVEY15643/logo.png
Requested by: Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-78.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12b6e53995278f31e6068171287d2cdf87ed05482219e4b6a55d4298680c8700

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:24 GMT
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Jun 2021 13:09:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "0f8047763677b4d0b675d044075259fa"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3937
X-Amz-Cf-Id: hEhapVBrg3Mqp7QwlJXalT7LXmw9Q3FC2-_EIZXFlcTXSEFEUmRYaw==

GET
H/1.1 200
OK loading.gif
natexo-p-static.s3-eu-west-1.amazonaws.com/NATEXO/LEADGEN/LOGO/ 7 KB
8 KB 214ms
68ms Image
image/gif 52.218.121.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://natexo-p-static.s3-eu-west-1.amazonaws.com/NATEXO/LEADGEN/LOGO/loading.gif
Requested by: Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 21e1e6189d5c173ff83642885f8d240420cffa367946915e862b4f03791e1406

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:24 GMT
Last-Modified: Tue, 08 Dec 2020 15:02:22 GMT
Server: AmazonS3
x-amz-request-id: P7SKAS9CX8ZT4X1S
ETag: "99b84d7313f078045ebe973f15e7032c"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 7507
x-amz-id-2: OcRgxWSlOvErdeC7QEuawzLm0AUfaSYDUeE91bTsy3Viik9y2Bo2x9J3HvooFJxCyRjacpe/lIQ=

GET
H/1.1 200
OK nps
d.natexo-programmatic.com/ 43 B
596 B 240ms
90ms Image
image/gif 54.155.104.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.natexo-programmatic.com/nps?e=mnouar@hauts-de-seine.fr&s=15643&co=fr

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.104.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-104-31.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

64f9990414c6f684965940e59100224d1b14b86680d69ce42d23398feb93e5e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 04:24:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 14391
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33576
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 10 Aug 2022 04:24:32 GMT

GET
H/1.1 200
OK 8fedad0.js Show response
srv.lamarsuk5.eu/js/ 11 KB
4 KB 38ms
37ms Script
application/javascript 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.lamarsuk5.eu/js/8fedad0.js

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

8bcec3253eec4f4e0faeef2443e628e1466a710ceaa11173b4ac30c777412aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:35:25 GMT
Server: Apache
ETag: "2aef-5c79ee3e60d3e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 3883

GET
H/1.1 200
OK e715d191-289a-4b07-a92a-9d37d08c6198 Show response
tag.oniad.com/ 400 B
984 B 237ms
155ms Script
text/plain 2600:9000:211e:6400:18:d10d:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.oniad.com/e715d191-289a-4b07-a92a-9d37d08c6198
Requested by: Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6400:18:d10d:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab80f3797c35ee8226c8b5bf4aa4953e3166958f4099bfb5f3e73c819b336c61

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:24 GMT
Via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
Last-Modified: Tue, 02 Mar 2021 12:36:09 GMT
Server: AmazonS3
x-amz-request-id: H18FQ3FX13RHPVBX
ETag: "2e174f0f3a04f3b5ff21abed241ef9ea"
X-Cache: RefreshHit from cloudfront
Content-Type: text/plain
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 400
x-amz-id-2: iETMTPoZ/gR6B492/g/lumPWnImgzMvftKgfgMKYmnV3VO/3cX3D5qOmFP4vow+ML3/a1cjmKro=
X-Amz-Cf-Id: cw_-SYaM5DyZUa-uTXuXV6UKfbiZ4QlJwUKNzi_ZnVw1FD-VbSIa8g==

GET
H/1.1 200
OK b32ae1b.js Show response
srv.lamarsuk5.eu/js/ 60 KB
14 KB 46ms
46ms Script
application/javascript 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.lamarsuk5.eu/js/b32ae1b.js

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ad799b81efffa7c62f9d6da5b79d93dbdda0eff2852216ac9edb08fd8109b926

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:35:28 GMT
Server: Apache
ETag: "f07d-5c79ee412e99e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 14083

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
651 B 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bb2d4aa044534807ef8ecfd35152fc826f2f5422daa3930bbe86e82e0ef76dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1114422&seg=17940877&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1114422%26seg%3D17940877%26t%3D1

0
1005 B

28ms
27ms

Script
application/javascript

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1114422%26seg%3D17940877%26t%3D1

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 91e48f52-3613-4cd9-8ca8-5ca2c545ba95
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2c45ff72-e93f-4571-957c-9223a642e93f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1114422%26seg%3D17940877%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M94VJMV

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74b5fe844388a1c7d92163948f37f91429231430b55751954db73e08dffe3d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33754
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H/1.1 200
OK fond-body.jpg
srv.lamarsuk5.eu/bundles/websurveyus/images/common/ 2 KB
2 KB 43ms
42ms Image
image/jpeg 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.lamarsuk5.eu/bundles/websurveyus/images/common/fond-body.jpg

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/css/5a15c34.css

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

efaf0a5eda0f475132ae96f46fc9b2e8de2d64b2522398102d414a3d98ff42e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://srv.lamarsuk5.eu/css/5a15c34.css
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/css/5a15c34.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:33:47 GMT
Server: Apache
ETag: "8ac-5c79ede03c3de"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2220

GET
H/1.1 200
OK logo_fr_FR_noSponsor.png
srv.lamarsuk5.eu/bundles/websurveyus/images/common/logo/ 5 KB
5 KB 86ms
70ms Image
image/png 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.lamarsuk5.eu/bundles/websurveyus/images/common/logo/logo_fr_FR_noSponsor.png

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

66fb48a17c760c16ee4d493d6b29a97fcdc3e1d304d2be725cd93709fd3e2230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Jul 2021 11:50:11 GMT
Server: Apache
ETag: "1455-5c78ca8055929"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5205

GET
H/1.1 200
OK picto-power-600.png
srv.lamarsuk5.eu/bundles/websurveyus/images/common/ 1 KB
2 KB 76ms
61ms Image
image/png 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.lamarsuk5.eu/bundles/websurveyus/images/common/picto-power-600.png

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/css/a762b4f.css

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

bc54397fe4979c1dff90f382051073ce9915d1ba809f1862a9c72c94fcdf9d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://srv.lamarsuk5.eu/css/a762b4f.css
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/css/a762b4f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Jul 2021 13:11:48 GMT
Server: Apache
ETag: "525-5c7b60791d5c7"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1317

GET
H/1.1 200
OK coin_17x17.png
srv.lamarsuk5.eu/bundles/websurvey/images/user/ 884 B
1 KB 53ms
38ms Image
image/png 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.lamarsuk5.eu/bundles/websurvey/images/user/coin_17x17.png

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/css/a762b4f.css

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0c362cdc3d2c8c2be59958f51738f5b325dd6cbc8fdc894b2894c3b38f472ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://srv.lamarsuk5.eu/css/a762b4f.css
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/css/a762b4f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Jul 2021 11:50:11 GMT
Server: Apache
ETag: "374-5c78ca8011366"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 884

GET
H/1.1 200
OK SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans:400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.lamarsuk5.eu
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 03:15:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 02:52:18 GMT
Server: sffe
Age: 277744
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 22340
X-XSS-Protection: 0
Expires: Sun, 07 Aug 2022 03:15:19 GMT

GET
H/1.1 200
OK SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans:400,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.lamarsuk5.eu
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 12:17:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 01:56:42 GMT
Server: sffe
Age: 590826
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 21232
X-XSS-Protection: 0
Expires: Wed, 03 Aug 2022 12:17:17 GMT

GET
H/1.1 200
OK LaJs.js Show response
d.natexo-programmatic.com/compiled/ 16 KB
5 KB 175ms
46ms Script
application/javascript 54.155.104.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.natexo-programmatic.com/compiled/LaJs.js

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.104.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-104-31.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

376934e8867370abb344a6dddeba9d24c1976541fdaf32849263ca031e3474ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Aug 2021 09:32:28 GMT
Server: Apache
ETag: "3f06-5c8cc98eb6300-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 4698

GET
H/1.1 200
OK picto-footer.png
srv.lamarsuk5.eu/bundles/websurveyus/images/common/ 2 KB
2 KB 76ms
74ms Image
image/png 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.lamarsuk5.eu/bundles/websurveyus/images/common/picto-footer.png

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/css/5a15c34.css

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

35e14f92d44e383930a2a31d8ff3d464ea0dbea9d1e1e0256ba07658b809345a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://srv.lamarsuk5.eu/css/5a15c34.css
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/css/5a15c34.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Jul 2021 11:50:11 GMT
Server: Apache
ETag: "773-5c78ca8057869"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1907

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 68ms
52ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://amplify.outbrain.com/cp/obtp.js
Requested by: Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Protocol: HTTP/1.1
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Tue, 10 Aug 2021 08:44:23 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 21ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 10 Aug 2021 07:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2846
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: WehsOjGrItchAfDWtkZSeM0qHjVFy1uuKMQWt6PncLAwCf1Lokk7+p/KOYTYt+AEN6cHJlvBHUM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 6DFBK6KPQXAD0RPX
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK tfa.js Show response
cdn.taboola.com/libtrc/unip/1371181/ 74 KB
25 KB 49ms
33ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/unip/1371181/tfa.js
Requested by: Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ed3418eeec452b5c7f900858ad1cc9a2aca87ef8badc9356e2763f411525c06

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .t3CesQjDxmm9lOGx2AQT_Z2B9QwPFJ6
Content-Encoding: gzip
ETag: "786c6f5eb9131b3415a881ca4bf2a3fe"
Age: 2
X-Cache: HIT
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 24762
x-amz-id-2: E7fTKT7yDelMrv5YdubQM+NmeGpu0FHMau+DoIuhk3ws77puJa+XdOgMT0d6d/nVUzBRg8DAjXI=
X-Served-By: cache-fra19121-FRA
Last-Modified: Mon, 09 Aug 2021 10:16:42 GMT
Server: AmazonS3
X-Timer: S1628583863.298317,VS0,VE1
Date: Tue, 10 Aug 2021 08:24:23 GMT
Vary: Accept-Encoding
x-amz-request-id: 3YS647WJSH84TNYA
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 2
X-Cache-Hits: 1

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 41ms
41ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944206798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.lamarsuk5.eu
Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135980
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 07:07:03 GMT

GET
H2 200 10073848.json Show response
s.yimg.com/wi/config/ 2 B
496 B 119ms
107ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10073848.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: P7SHNQ052X5Z3KBT
x-amz-id-2: IzHBlyoN17Uh8shEQ3FqCaIQX41hPTr2XeRGmUO3bNk9dT/XSCXV8jYVETPjys5s52p3xJFBP+g=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4242
date: Tue, 10 Aug 2021 07:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 10 Aug 2021 09:13:41 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK sponsors-logo Show response
srv.lamarsuk5.eu/sv_fr_landparc_0721/ 0
331 B 80ms
79ms XHR
text/html 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://srv.lamarsuk5.eu/sv_fr_landparc_0721/sponsors-logo

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Origin: http://srv.lamarsuk5.eu
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114; _gcl_au=1.1.1749801330.1628583863
Connection: keep-alive
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Content-Length: 0
Accept: */*
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 25

GET
H/1.1 200
OK ico-cross-cookie.png
srv.lamarsuk5.eu/bundles/natexotool/images/ 1 KB
1 KB 42ms
42ms Image
image/png 34.242.149.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://srv.lamarsuk5.eu/bundles/natexotool/images/ico-cross-cookie.png

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

HTTP/1.1

Server

34.242.149.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-149-71.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b2cece1c9751fca2d54d1486f6137eaefe17d8c589c165980d17a1aa3fde046e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: srv.lamarsuk5.eu
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Cookie: PHPSESSID=minummt4q7bhcc31mv4hfk4tr0; srvNxoTrackip=82.102.18.114; _gcl_au=1.1.1749801330.1628583863
Connection: keep-alive
Cache-Control: no-cache
Referer: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Jul 2021 11:50:11 GMT
Server: Apache
ETag: "453-5c78ca804bce8"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1107

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 97A4 39 KB
20 KB 36ms
36ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&co=aHR0cDovL3Nydi5sYW1hcnN1azUuZXU6ODA.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&cb=d8s8jeigr5o1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ac9d09ba596ebabd4e9d4ffe4ccec57ebd532cd44ffae6d149cdb10638a9672

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pb+jVPbqawo14MtvRxCrOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&co=aHR0cDovL3Nydi5sYW1hcnN1azUuZXU6ODA.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&cb=d8s8jeigr5o1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://srv.lamarsuk5.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://srv.lamarsuk5.eu/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 08:24:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-Pb+jVPbqawo14MtvRxCrOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20559
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 191ms
175ms Script
application/javascript 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.outbrain.com/cachedClickId?marketerId=00518f88455fded317d898befa73fa51ee
Requested by: Host: amplify.outbrain.com
URL: http://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: gzip
X-TraceId: 550ddb45135930cb784f8a0d8c0b30df
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 179ms
163ms Image
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tr.outbrain.com/unifiedPixel?marketerId=00518f88455fded317d898befa73fa51ee&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&optOut=false&bust=07354266350074292
Requested by: Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Cache-Control: no-cache
X-TraceId: 3787c497839a17bebd4d7138d472e28d
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 178ms
163ms Image
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tr.outbrain.com/unifiedPixel?marketerId=00518f88455fded317d898befa73fa51ee&obApiVersion=1.1&obtpVersion=1.5.1&name=Lead-FR&dl=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&optOut=false&bust=045010605097669854
Requested by: Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Cache-Control: no-cache
X-TraceId: 20b985975feae522175bd38f4b8579cc
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944206798/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944206798/?random=1628583863365&cv=9&fst=1628583863365&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

286b3d989db1c7e4b4750e002f120b731d925e2d39ab1a098619b2598e94b050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/944206798/ 2 KB
1 KB 66ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/944206798/?random=1628583863367&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&auid=1749801330.1628583863&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

44bfa0fa53aba15f67bb734ed1c5a504cedc3b56f61ea57871fe9e2f19d63c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1158
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=823878297&t=pageview&_s=1&dl=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&ul=en-us&de=UTF-8&dt=F%C3%A9licitations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2122962834&gjid=1387990586&cid=2032695014.1628583863&tid=UA-91752432-1&_gid=77357995.1628583863&_r=1&_slc=1&cd1=sv_fr_landparc_0721&cd3=FR&cd2=sv_fr_landparc_0721&cd4=FR&z=1407865105

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 08:24:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://srv.lamarsuk5.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/944206798/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944206798/?random=1628583863365&cv=9&fst=1628582400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&async=1&fmt=3&is_vtc=1&random=565227372&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 08:24:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/944206798/ 42 B
108 B 22ms
22ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/944206798/?random=1628583863365&cv=9&fst=1628582400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&async=1&fmt=3&is_vtc=1&random=565227372&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 08:24:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 97A4 52 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&co=aHR0cDovL3Nydi5sYW1hcnN1azUuZXU6ODA.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&cb=d8s8jeigr5o1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 07:51:45 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 97A4 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135980
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 16:17:30 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-91752432-1&cid=2032695014.1628583863&jid=2122962834&gjid=1387990586&_gid=77357995.1628583863&_u=YEBAAEAAAAAAAC~&z=1719075732

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 10 Aug 2021 08:24:23 GMT
content-type: text/plain
access-control-allow-origin: http://srv.lamarsuk5.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 97A4 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 30233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 17 Aug 2021 00:00:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 97A4 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 39422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 21:27:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 97A4 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 583085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 14:26:18 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 97A4 102 B
132 B 16ms
16ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&co=aHR0cDovL3Nydi5sYW1hcnN1azUuZXU6ODA.&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=invisible&cb=d8s8jeigr5o1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H/1.1 200
OK a Show response
d.natexo-programmatic.com/lad/show/53/1/ 166 KB
167 KB 166ms
166ms Fetch
application/json 54.155.104.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.natexo-programmatic.com/lad/show/53/1/a?email=mnouar@hauts-de-seine.fr&first=MAIKINE&name=nouar&sex=Mrs&phone=&dob=1968-12-26&zip=92200&ads=[10727,10946,10514]&qthem=W10=

Requested by

Host: d.natexo-programmatic.com
URL: https://d.natexo-programmatic.com/compiled/LaJs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.104.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-104-31.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1473bcc4accadd13fe51c8f63223db0d3afd45e11ffc6985f7db99e2d786f801

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=15768000
Content-Type: application/json
Access-Control-Allow-Origin: http://srv.lamarsuk5.eu
Cache-Control: max-age=0, must-revalidate, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
transfer-encoding: chunked

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/944206798/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
64 B

20ms
20ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&auid=1749801330.1628583863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tzcSYfqwGa6e7_UPirusyAs&cid=CAQSKQCNIrLMDCLG1MMU9zZ9ayJ46iXyDw_bim576oT_ec_EXFRPFIhxsMak&random=2711753640&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 08:24:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 08:24:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/944206798/?random=530259941&cv=9&fst=1628583863367&num=1&label=Bp9pCIuX4ZoBEM7nncID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&tiba=F%C3%A9licitations&auid=1749801330.1628583863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tzcSYfqwGa6e7_UPirusyAs&cid=CAQSKQCNIrLMDCLG1MMU9zZ9ayJ46iXyDw_bim576oT_ec_EXFRPFIhxsMak&random=2711753640&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tag.oniad.com/f3ec91a0-7c7f-4a8f-824e-1656f3dd690c/ 817 B
1 KB 136ms
135ms Script
text/plain 2600:9000:211e:6400:18:d10d:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.oniad.com/f3ec91a0-7c7f-4a8f-824e-1656f3dd690c/
Requested by: Host: tag.oniad.com
URL: https://tag.oniad.com/e715d191-289a-4b07-a92a-9d37d08c6198
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6400:18:d10d:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b37fba7e7e220d7d9d787d5a1f72780069a3d10e1d2846bd9bac65da7b1a569

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:24 GMT
Via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
Last-Modified: Tue, 02 Mar 2021 12:36:09 GMT
Server: AmazonS3
x-amz-request-id: X4DFBJQ68MZAZ0QC
ETag: "50f6a1e175b1e7fb61828a1f32cc7b62"
X-Cache: RefreshHit from cloudfront
Content-Type: text/plain
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 817
x-amz-id-2: ypkeLMYmDowaQLas0O0qnZMp9HPJ+PB7KLoUx/kEcxKq+pLi2szT0vzKZE9inC74AyRXIp2NO0Q=
X-Amz-Cf-Id: ItFg-VO4ScXb8Ox6lZX9hwGpTUEtf5QYqMJpiLELgWCViPt4N1nZ7Q==

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 83AE 7 KB
1 KB 27ms
26ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38053d31651627340fa75e57404f0a022e3dcf4c580f43f6c3edee350176edbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0qhOARYB+xjP7tK1aWOgyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://srv.lamarsuk5.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://srv.lamarsuk5.eu/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 08:24:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-0qhOARYB+xjP7tK1aWOgyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 83AE 52 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 07:51:45 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 83AE 341 KB
133 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135980
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 02:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 16:17:30 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame 83AE 34 KB
20 KB 49ms
49ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3dd70a051fd46419490934bf43c38cb35f574d07ea0222ac392d7efe7815d7eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 10 Aug 2021 08:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20587
x-xss-protection: 1; mode=block
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H/1.1 200
OK 5498gjsklg Show response
tag.oniad.com/s/ 76 KB
25 KB 148ms
148ms Script
application/javascript 2600:9000:211e:6400:18:d10d:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.oniad.com/s/5498gjsklg
Requested by: Host: tag.oniad.com
URL: https://tag.oniad.com/f3ec91a0-7c7f-4a8f-824e-1656f3dd690c/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6400:18:d10d:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jun 2019 10:18:21 GMT
Server: AmazonS3
x-amz-request-id: 1W50K3WBCJBKPNT8
ETag: W/"1048df1f3aa41f731f89b42748316039"
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: mnp9jW5aY5TaxT8wMt9pKrmPYki3hkm43950z4VvWLY1oLCMTKnQGQ==
x-amz-id-2: VsdcWqdyrOEktQ5ctZMa5FFXSW+n9avS21IQj7L+dlQHYwQCrWOuT5kMmlRLwBQowahM9r2RKos=

GET
H2 200 css
fonts.googleapis.com/ 7 KB
769 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b4918528b057719b46f65065159945283b5ddef87093a9f60a48d24d3dbab2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 06:52:38 GMT
server: ESF
date: Tue, 10 Aug 2021 08:24:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
635 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans+Narrow:wght@400;700&display=swap

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b68cd6b717f9993bffe49e3a6672bccd40c90e7c585b17061b1ec5121a2279c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 07:49:23 GMT
server: ESF
date: Tue, 10 Aug 2021 08:24:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Aug 2021 08:24:23 GMT

GET
H/1.1 200
OK LaJsFormCd.js Show response
d.natexo-programmatic.com/compiled/ 27 KB
6 KB 44ms
43ms Script
application/javascript 54.155.104.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.natexo-programmatic.com/compiled/LaJsFormCd.js

Requested by

Host: d.natexo-programmatic.com
URL: https://d.natexo-programmatic.com/compiled/LaJs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.104.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-104-31.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5d2b7ba59111889fa70665eb2a53a3c09bd9ae4993e9eb43739a98af52b2efaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Aug 2021 09:32:28 GMT
Server: Apache
ETag: "6d97-5c8cc98eb6300-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 5629

GET
H3-29 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v12/ 35 KB
35 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v12/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans+Narrow:wght@400;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5818f55583b8a82745bf0b1d9cbc07c0411088fb5a837ff5a15b5a745ccdcd58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.lamarsuk5.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 19:08:28 GMT
x-content-type-options: nosniff
age: 47755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36268
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 19:08:28 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v22/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://srv.lamarsuk5.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:30 GMT
x-content-type-options: nosniff
age: 318053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:30 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 83AE 600 B
622 B 8ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 19:48:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 45370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Mon, 16 Aug 2021 19:48:13 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 83AE 530 B
552 B 7ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 10:03:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 598827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Tue, 10 Aug 2021 10:03:56 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 83AE 665 B
687 B 8ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 22:47:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 34605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Mon, 16 Aug 2021 22:47:38 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 83AE 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 39422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 21:27:21 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 83AE 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6LeaHEYUAAAAAJVolhe-EXsmFBGL788PfGW4bTsJ&cb=v4kak03mf73y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 583085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 14:26:18 GMT

GET
H/1.1 200
OK / Show response
track.adform.net/Serving/TrackPoint/ 240 B
779 B 76ms
62ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

http://track.adform.net/Serving/TrackPoint/?pm=2300904&ADFPageName=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage&ADFdivider=%7C&ord=883606746197&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fsrv.lamarsuk5.eu%2Fsv_fr_landparc_0721%2Fpage

Requested by

Host: tag.oniad.com
URL: https://tag.oniad.com/s/5498gjsklg

Protocol

HTTP/1.1

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c4f728803d7a40d82d3a4581ff2d48705381829df651311a4e57257ab248c8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 08:24:23 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=90
Content-Length: 280
Expires: -1

GET
H2 200 inv
track.adform.net/serving/ 35 B
250 B 113ms
37ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/serving/inv

Requested by

Host: srv.lamarsuk5.eu
URL: http://srv.lamarsuk5.eu/sv_fr_landparc_0721/page

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://srv.lamarsuk5.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 10 Aug 2021 08:24:24 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/recaptcha	1970-01-20 00:42:15	Name: _GRECAPTCHA Value: 09AFNIW6b6Aj0-PolSlJkGaxU28kowqCAfktxCix_0v0Nhf7TgQOj__ZucuAgcG3IKWlNy_BMEkeFYglQqoeU29Pg
srv.lamarsuk5.eu/	1970-01-19 20:23:04	Name: outbrain_cid_fetch Value: true
.lamarsuk5.eu/	1970-01-19 20:24:30	Name: _gid Value: GA1.2.77357995.1628583863
.lamarsuk5.eu/	1970-01-19 22:32:39	Name: _gcl_au Value: 1.1.1749801330.1628583863
.lamarsuk5.eu/	1970-01-20 13:54:15	Name: _ga Value: GA1.2.2032695014.1628583863
srv.lamarsuk5.eu/	1970-01-20 05:52:29	Name: srvNxoTrackip Value: 82.102.18.114
.lamarsuk5.eu/	1970-01-19 20:23:03	Name: _gat Value: 1
srv.lamarsuk5.eu/	1969-12-31 23:59:59	Name: PHPSESSID Value: minummt4q7bhcc31mv4hfk4tr0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.taboola.com/libtrc/unip/1371181/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"LeadNew1","id":1371181,"tim":1628583863360}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://d.natexo-programmatic.com/compiled/LaJs.js(Line 1) Message: %cLeadAds%c init padding: 2px; border-top-left-radius: 4px; border-bottom-left-radius: 4px; background-color: #0030ff; color: white; font-weight: bold; border:1px solid #0030ff; padding: 2px; color: black; font-weight: normal; background-color:white; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border:1px solid #0030ff;
console-api	log	URL: https://d.natexo-programmatic.com/compiled/LaJs.js(Line 1) Message: %cLeadAds%c show [v1_coreg_classic] i_53 padding: 2px; border-top-left-radius: 4px; border-bottom-left-radius: 4px; background-color: #0030ff; color: white; font-weight: bold; border:1px solid #0030ff; padding: 2px; color: black; font-weight: normal; background-color:white; border-top-right-radius: 4px; border-bottom-right-radius: 4px; border:1px solid #0030ff;

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
assets.etselonvous.com
cdn.taboola.com
d.natexo-programmatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
natexo-p-static.s3-eu-west-1.amazonaws.com
s.yimg.com
secure.adnxs.com
srv.lamarsuk5.eu
stats.g.doubleclick.net
t.nl.lesbonnesaffaires.club
tag.oniad.com
tr.outbrain.com
track.adform.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
143.204.98.78
151.101.13.44
172.217.23.98
2.18.234.190
2600:9000:211e:6400:18:d10d:a940:93a1
2a00:1288:80:800::7000
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:803::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a05:71c0:2000::e
34.242.149.71
37.157.3.30
37.252.173.22
52.218.121.218
54.155.104.31
64.202.112.31
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
0ac3d22afcc42e121ee15428dcacaf0729fbdbcf42afca41db06dfb619641525
0c362cdc3d2c8c2be59958f51738f5b325dd6cbc8fdc894b2894c3b38f472ece
0ed3418eeec452b5c7f900858ad1cc9a2aca87ef8badc9356e2763f411525c06
12b6e53995278f31e6068171287d2cdf87ed05482219e4b6a55d4298680c8700
1473bcc4accadd13fe51c8f63223db0d3afd45e11ffc6985f7db99e2d786f801
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
21e1e6189d5c173ff83642885f8d240420cffa367946915e862b4f03791e1406
25d170aefee8884c311af33b873b7da51eb86d9f2a8d723c4f12736335af178d
286b3d989db1c7e4b4750e002f120b731d925e2d39ab1a098619b2598e94b050
2ac9d09ba596ebabd4e9d4ffe4ccec57ebd532cd44ffae6d149cdb10638a9672
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35e14f92d44e383930a2a31d8ff3d464ea0dbea9d1e1e0256ba07658b809345a
376934e8867370abb344a6dddeba9d24c1976541fdaf32849263ca031e3474ee
38053d31651627340fa75e57404f0a022e3dcf4c580f43f6c3edee350176edbc
3b4918528b057719b46f65065159945283b5ddef87093a9f60a48d24d3dbab2b
3b6f05ab9333e008cdd3168183413a77142093a239a1878449373600a5f87749
3dd70a051fd46419490934bf43c38cb35f574d07ea0222ac392d7efe7815d7eb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44bfa0fa53aba15f67bb734ed1c5a504cedc3b56f61ea57871fe9e2f19d63c05
4b37fba7e7e220d7d9d787d5a1f72780069a3d10e1d2846bd9bac65da7b1a569
5267ff0cf37bfeb79d99c398e7e7c6c99e1b17df68f868b7c52a029f7e14709e
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5818f55583b8a82745bf0b1d9cbc07c0411088fb5a837ff5a15b5a745ccdcd58
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c2503c9e1cbd43590a0de4cdb66973449ce448c235f7af7097a1829c40deb0f
5d2b7ba59111889fa70665eb2a53a3c09bd9ae4993e9eb43739a98af52b2efaa
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
64f9990414c6f684965940e59100224d1b14b86680d69ce42d23398feb93e5e1
66fb48a17c760c16ee4d493d6b29a97fcdc3e1d304d2be725cd93709fd3e2230
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74b5fe844388a1c7d92163948f37f91429231430b55751954db73e08dffe3d14
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8bcec3253eec4f4e0faeef2443e628e1466a710ceaa11173b4ac30c777412aaa
9bb2d4aa044534807ef8ecfd35152fc826f2f5422daa3930bbe86e82e0ef76dc
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
ab80f3797c35ee8226c8b5bf4aa4953e3166958f4099bfb5f3e73c819b336c61
ad799b81efffa7c62f9d6da5b79d93dbdda0eff2852216ac9edb08fd8109b926
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2cece1c9751fca2d54d1486f6137eaefe17d8c589c165980d17a1aa3fde046e
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
b68cd6b717f9993bffe49e3a6672bccd40c90e7c585b17061b1ec5121a2279c7
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bc54397fe4979c1dff90f382051073ce9915d1ba809f1862a9c72c94fcdf9d66
c4f728803d7a40d82d3a4581ff2d48705381829df651311a4e57257ab248c8e7
e26308527244bd712ca8efc10824afd14f3866aad39b29581307e795a30ff7c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaf0a5eda0f475132ae96f46fc9b2e8de2d64b2522398102d414a3d98ff42e9
f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

srv.lamarsuk5.eu Open in urlscan Pro 34.242.149.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

67 %HTTPS

62 %IPv6

19 Domains

23 Subdomains

25 IPs

6 Countries

1094 kBTransfer

2267 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

srv.lamarsuk5.eu Open in urlscan Pro
34.242.149.71 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

67 %
HTTPS

62 %
IPv6

19
Domains

23
Subdomains

25
IPs

6
Countries

1094 kB
Transfer

2267 kB
Size

8
Cookies

69 HTTP transactions
0 data transactions