www.offremedia.com Open in urlscan Pro
54.76.137.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Submission: On February 20 via api (February 20th 2020, 3:57:14 pm UTC) from BE

Summary HTTP 87 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 13 domains to perform 87 HTTP transactions. The main IP is 54.76.137.79, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.offremedia.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 8th 2020. Valid for: 3 months.

This is the only time www.offremedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	54.76.137.79 54.76.137.79	16509 (AMAZON-02) (AMAZON-02)
1	2.16.186.113 2.16.186.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2606:4700:10:... 2606:4700:10::6814:a25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1 10	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
12	34.243.240.54 34.243.240.54	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	34.253.156.178 34.253.156.178	16509 (AMAZON-02) (AMAZON-02)
2	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.17.186.136 2.17.186.136	16625 (AKAMAI-AS) (AKAMAI-AS)
4	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a02:6ea0:c71... 2a02:6ea0:c710::2	60068 (CDN77) (CDN77)
1	54.172.89.8 54.172.89.8	14618 (AMAZON-AES) (AMAZON-AES)
3	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff10	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
2	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0a	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.72.218.230 54.72.218.230	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.43 185.86.137.43	201081 (SMARTADSE...) (SMARTADSERVER)
87	22

33 54.76.137.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: gw.eu.platform.sh

www.offremedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.113 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6814:a25 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ads.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sac.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.86.138.32 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

www14.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.243.240.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com

antenna.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.156.178 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-156-178.eu-west-1.compute.amazonaws.com

logs11.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.186.136 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-186-136.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c710::2 (Germany)

ASN60068 (CDN77, GB)

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.89.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-89-8.compute-1.amazonaws.com

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4a0:1338:28::c38a:ff10 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4a0:1338:28::c38a:ff0a (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

creatives.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b25 (United States)

ASN13335 (CLOUDFLARENET, US)

geoworker.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.218.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-218-230.eu-west-1.compute.amazonaws.com

optchk.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.43 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	offremedia.com www.offremedia.com	734 KB
18	ayads.co 1 redirects ads.ayads.co sac.ayads.co antenna.ayads.co geoworker.ayads.co optchk.ayads.co cdn.ayads.co	783 KB
11	smartadserver.com 1 redirects www14.smartadserver.com www8.smartadserver.com	13 KB
6	sascdn.com ced.sascdn.com ced-ns.sascdn.com creatives.sascdn.com	233 KB
5	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	2 KB
4	outbrain.com widgets.outbrain.com odb.outbrain.com	42 KB
3	facebook.net connect.facebook.net	153 KB
2	cheqzone.com ob.cheqzone.com obs.cheqzone.com	16 KB
2	addthis.com s7.addthis.com	225 KB
2	xiti.com 1 redirects logs11.xiti.com	733 B
2	facebook.com www.facebook.com	359 B
1	moatads.com z.moatads.com	1 KB
1	googleapis.com fonts.googleapis.com	2 KB
87	13

	Domain	Requested by
33	www.offremedia.com	www.offremedia.com sac.ayads.co
12	antenna.ayads.co	www.offremedia.com
10	www14.smartadserver.com	1 redirects ced.sascdn.com
4	log.outbrainimg.com	widgets.outbrain.com
3	ced-ns.sascdn.com	www14.smartadserver.com
3	widgets.outbrain.com	www.offremedia.com widgets.outbrain.com
3	connect.facebook.net	www.offremedia.com connect.facebook.net
2	cdn.ayads.co
2	creatives.sascdn.com
2	s7.addthis.com	www.offremedia.com
2	logs11.xiti.com	1 redirects www.offremedia.com
2	www.facebook.com	www.offremedia.com
1	www8.smartadserver.com	sac.ayads.co
1	optchk.ayads.co	sac.ayads.co
1	geoworker.ayads.co	sac.ayads.co
1	odb.outbrain.com	widgets.outbrain.com
1	obs.cheqzone.com	ob.cheqzone.com
1	ob.cheqzone.com	widgets.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	z.moatads.com	s7.addthis.com
1	fonts.googleapis.com	www.offremedia.com
1	sac.ayads.co	www.offremedia.com
1	ads.ayads.co	1 redirects
1	ced.sascdn.com	www.offremedia.com
87	24

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.agencemediadelannee.fr
www.addthis.com
www14.smartadserver.com

Subject Issuer	Validity	Valid
offremedia.com Let's Encrypt Authority X3	`2020-01-08` - `2020-04-07`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-10-17` - `2020-10-16`	a year	crt.sh
*.ayads.co DigiCert SHA2 Secure Server CA	`2018-06-15` - `2020-06-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.xiti.com Thawte RSA CA 2018	`2019-03-12` - `2020-05-22`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2019-02-24` - `2020-05-25`	a year	crt.sh
ob.cheqzone.com Let's Encrypt Authority X3	`2020-02-18` - `2020-05-18`	3 months	crt.sh
obs.cheqzone.com Let's Encrypt Authority X3	`2019-12-24` - `2020-03-23`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-14` - `2020-07-25`	5 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Frame ID: 1DAE25FD81DBE8A5334D4BF790151BC8
Requests: 85 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: D1D4503761ECD15BA553104B92549754
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: C5F43BC17FA6991F2EC261FAFAA07A42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

87
Requests

100 %
HTTPS

36 %
IPv6

13
Domains

24
Subdomains

22
IPs

6
Countries

2204 kB
Transfer

4049 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/offremedia
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/offremedia
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/offremedia
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://www.agencemediadelannee.fr/
Title: Prix agence média de l'année France

Search URL Search Domain Scan URL

URL: http://www.addthis.com/bookmark.php?v=300

Search URL Search Domain Scan URL

URL: https://www14.smartadserver.com/click?imgid=25103281&insid=9325077&pgid=1139768&ckid=1616266236683066176&uii=302689291954711496&acd=1582214214808&pubid=21&tmstp=4094383689&tgt=%24dt%3d1t%3b%24dt%3d1t%3b%24hc&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3dtw2%3b%24qt%3d78_2531_69948t%3b%24dma%3d0%3b%24b%3d16740%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&envtype=0&imptype=0&pgDomain=https%3a%2f%2fwww.offremedia.com%2frakuten-cree-sa-regie-rakuten-advertising&go=http%3a%2f%2fwww.nrjglobal.com%2f

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://ads.ayads.co/ajs.php?zid=883 HTTP 302
https://sac.ayads.co/sublime/883

Request Chain 42

https://logs11.xiti.com/hit.xiti?s=412528&p=&vrn=1&ac=&an=&lng=en-US&idp=1656542431954&jv=0&re=1600x1200&vtag=4.7.0&hl=16x56x54&r=1600x1200x24x24&rn=1582214214354&stc={%22device%22%3A%22desktop%22}&ref= HTTP 302
https://logs11.xiti.com/hit.xiti?s=412528&p=&vrn=1&ac=&an=&lng=en-US&idp=1656542431954&jv=0&re=1600x1200&vtag=4.7.0&hl=16x56x54&r=1600x1200x24x24&rn=1582214214354&stc={%22device%22%3A%22desktop%22}&ref=&Rdt=On

Request Chain 48

https://www14.smartadserver.com/3511/call HTTP 307
https://www14.smartadserver.com/3511/call?cklb=1

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rakuten-cree-sa-regie-rakuten-advertising Show response
www.offremedia.com/ 51 KB
10 KB 110ms
29ms Document
text/html 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

cbb739e9914511fd9e220c9d759603a415d18d6c2bcbb7cf93fe4bd03ef9f0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.offremedia.com
:scheme: https
:path: /rakuten-cree-sa-regie-rakuten-advertising
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
cache-control: public, max-age=600
content-encoding: gzip
content-language: fr
content-type: text/html; charset=utf-8
date: Thu, 20 Feb 2020 15:56:54 GMT
etag: "1582214094-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 20 Feb 2020 15:54:54 GMT
link: <https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising>; rel="canonical",<https://www.offremedia.com/node/152042>; rel="shortlink"
strict-transport-security: max-age=0
vary: Cookie Accept-Encoding
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (http://drupal.org)
x-platform-cache: HIT
x-platform-cluster: yom7bnys4shvu-master
x-platform-processor: yom7bnys4shvu-master--php
x-platform-router: yom7bnys4shvu-master--router
x-request-id: tkhrbfy42vmrf6p4a2bylikt
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 css_gEIRHNajO496bMahEquHPCn8-9ohrSlpkIdV9r2WMWQ.css
www.offremedia.com/sites/default/files/css/ 32 KB
6 KB 31ms
29ms Stylesheet
text/css 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/css/css_gEIRHNajO496bMahEquHPCn8-9ohrSlpkIdV9r2WMWQ.css

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

8042111cd6a33b8f7a6cc6a112ab873c29fcfbda21ad2969908755f6bd963164

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 6242
x-request-id: rlawhfqgiavmkaq7nvqz4lox
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-1862"
x-platform-cluster: yom7bnys4shvu-master
content-type: text/css
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 css_sL40L37joJdktbtKDCmfgf38nDMuUcepLsdzrPT6x5E.css
www.offremedia.com/sites/default/files/css/ 8 KB
2 KB 56ms
55ms Stylesheet
text/css 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/css/css_sL40L37joJdktbtKDCmfgf38nDMuUcepLsdzrPT6x5E.css

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

b0be342f7ee3a09764b5bb4a0c299f81fdfc9c332e51c7a92ec773acf4fac791

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 1982
x-request-id: fhmrwnyta52h7nymtllf2gwt
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-7be"
x-platform-cluster: yom7bnys4shvu-master
content-type: text/css
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
www.offremedia.com/sites/default/files/css/ 221 KB
29 KB 57ms
55ms Stylesheet
text/css 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

411c72cbcafe8725a416982cef10827926ef7dc045f7742e4852eb82fff1adc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 29750
x-request-id: 35cerjorlfrpduehpfq55vqd
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-7436"
x-platform-cluster: yom7bnys4shvu-master
content-type: text/css
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 js_a8MyAHRjajLu6SNTDzhm_ZUhUeIq_Ao6d-T9QrOU9BI.js Show response
www.offremedia.com/sites/default/files/js/ 91 KB
32 KB 30ms
29ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_a8MyAHRjajLu6SNTDzhm_ZUhUeIq_Ao6d-T9QrOU9BI.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

6bc3320074636a32eee923530f3866fd952151e22afc0a3a77e4fd42b394f412

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 32733
x-request-id: ornwf3y6gzxvgjtiksw2ef34
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-7fdd"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 js_BsBZkU29GcJoBkgYF5uAjRujXtzaByelLu6-99fwniY.js Show response
www.offremedia.com/sites/default/files/js/ 36 KB
13 KB 46ms
45ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_BsBZkU29GcJoBkgYF5uAjRujXtzaByelLu6-99fwniY.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

06c059914dbd19c268064818179b808d1ba35edcda0727a52eeebef7d7f09e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 12714
x-request-id: h55wobh3b3n56p74eipu2kij
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-31aa"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 js_H7q2xORKmR9AN8Qx5spKEIBp7R_wG2apAswJoCUZY7I.js Show response
www.offremedia.com/sites/default/files/js/ 4 KB
1 KB 57ms
55ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_H7q2xORKmR9AN8Qx5spKEIBp7R_wG2apAswJoCUZY7I.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

1fbab6c4e44a991f4037c431e6ca4a108069ed1ff01b66a902cc09a0251963b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 1345
x-request-id: dokrlxgscaf77hw44rjfhrdd
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-541"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 js_oYQw43wAjKdM3p6nU1hLDI3mDgL3UfCyqPsngNU6GnY.js Show response
www.offremedia.com/sites/default/files/js/ 2 KB
670 B 56ms
55ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_oYQw43wAjKdM3p6nU1hLDI3mDgL3UfCyqPsngNU6GnY.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

a18430e37c008ca74cde9ea753584b0c8de60e02f751f0b2a8fb2780d53a1a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 600
x-request-id: a4bp4lmgdg6edkirbyqkl22s
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-258"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 js_t34VqeMZvB1h9f3HFPaL0W7RXDhlkaofZQ9obnSgxTo.js Show response
www.offremedia.com/sites/default/files/js/ 33 KB
11 KB 47ms
45ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_t34VqeMZvB1h9f3HFPaL0W7RXDhlkaofZQ9obnSgxTo.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

b77e15a9e319bc1d61f5fdc714f68bd16ed15c386591aa1f650f686e74a0c53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 10928
x-request-id: sjm7npky4jdkyazdnwvp5bpy
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-2ab0"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3511/ 24 KB
10 KB 96ms
31ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3511/smart.js
Requested by: Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 91001be7e7491dd5ba8bbefbdc26e07ca310d277285c39788d03312023bcca76

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=41
Content-Length: 10318
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H2 200 js_ee1WQKK6bP6G8I5jfCEN-qu65NtvpPVgQ01KWm3T5nA.js Show response
www.offremedia.com/sites/default/files/js/ 11 KB
3 KB 56ms
55ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_ee1WQKK6bP6G8I5jfCEN-qu65NtvpPVgQ01KWm3T5nA.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

79ed5640a2ba6cfe86f08e637c210dfaabbae4db6fa4f560434d4a5a6dd3e670

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 2509
x-request-id: zl7ap2dqydufz754uumcsjvl
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-9cd"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2

200

883 Show response
sac.ayads.co/sublime/
Redirect Chain

https://ads.ayads.co/ajs.php?zid=883
https://sac.ayads.co/sublime/883

469 KB
148 KB

14ms
13ms

Script
application/javascript

2606:4700:10::6814:a25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sac.ayads.co/sublime/883
Requested by: Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e168983731cd1ca7c4d1ef24ead503d31e952284507c581a4da0a8df4a38d81

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1339
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
cf-ray: 5681ac56ceca9704-FRA
expires: Thu, 20 Feb 2020 16:04:47 GMT

Redirect headers

date: Thu, 20 Feb 2020 15:56:54 GMT
cf-cache-status: HIT
server: cloudflare
age: 82902
location: https://sac.ayads.co/sublime/883
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 302
cache-control: max-age=86400
cf-ray: 5681ac56aebd9704-FRA
expires: Thu, 20 Feb 2020 16:55:12 GMT

GET
H2 200 logo-offremedia_0.png
www.offremedia.com/sites/default/files/ 4 KB
5 KB 62ms
62ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/files/logo-offremedia_0.png

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

3c0df311ea2f9a502deaafbc6234ba6590192e037664cbfebd6b2bf978740468

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 4488
x-request-id: rco2is7rin4bzbj4vo33q6mh
x-platform-cache: HIT
last-modified: Thu, 10 Dec 2015 14:05:57 GMT
etag: "566986c5-1188"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Fri, 21 Feb 2020 15:13:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: W9F3G/yCaV3nRK33yTuaGqIFWXM1D9CwUEFaMMuwdLWgudZsBcQ/qK4yNLFYYBzh/X8iQ7tvOLgTeRcNVn2sxw==
x-fb-trip-id: 420120009
date: Thu, 20 Feb 2020 15:56:54 GMT, Thu, 20 Feb 2020 15:56:54 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nl2195-logo-rakuten-advertising.png
www.offremedia.com/sites/default/files/styles/270x170_echelle/public/vignette/article/ 9 KB
9 KB 29ms
28ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/files/styles/270x170_echelle/public/vignette/article/nl2195-logo-rakuten-advertising.png?itok=XINf-sUr

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

e2d24d44ee4d0f1b51fc6b1f6f356eb5c59a8b197377737d9dae87c40ebba51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 9274
x-request-id: xoksjwpi3brqgrwrv7bfjmbz
x-platform-cache: HIT
last-modified: Thu, 13 Feb 2020 23:07:26 GMT
etag: "5e45d6ae-243a"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Fri, 21 Feb 2020 15:54:54 GMT

GET
H/1.1 200
OK outbrain.js Show response
widgets.outbrain.com/ 118 KB
40 KB 139ms
61ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d73e56afa4c24b09911d12591503b2258465972e5eaf3b807ba7c29d9e5b1b2a

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 13:43:08 GMT
Server: AkamaiNetStorage
ETag: "1a5d34ec8afb71efd72f09ca3772f76c:1582207445.286936"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: false

GET
H2 200 DbmZ7NmtaX0.jpg
www.offremedia.com/sites/default/files/styles/largeur770_echelle/public/media-youtube/ 155 KB
155 KB 31ms
31ms Image
image/jpeg 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/files/styles/largeur770_echelle/public/media-youtube/DbmZ7NmtaX0.jpg?itok=C5EVD4ni

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

f581e69e80cdb65e82a4849c13b6ff35ec9fcc043f94a83d1eec99c0997f25a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 158899
x-request-id: o2jlm3356fttsqdg63coel5o
x-platform-cache: HIT
last-modified: Fri, 07 Feb 2020 13:07:10 GMT
etag: "5e3d60fe-26cb3"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Fri, 21 Feb 2020 15:13:32 GMT

GET
H2 200 nl2199-logo-union-des-marques-referentiel.png
www.offremedia.com/sites/default/files/styles/150x100_manual_crop/public/vignette/chiffreetudes/ 12 KB
13 KB 30ms
29ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/files/styles/150x100_manual_crop/public/vignette/chiffreetudes/nl2199-logo-union-des-marques-referentiel.png?itok=HCNcdv4A

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

75ced8b6494d47160d9f0953da4a4e2070a5fd1e53f803bede973c2459c85441

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 12629
x-request-id: 4uln5vf64jprhtggfvdcpv5b
x-platform-cache: HIT
last-modified: Thu, 20 Feb 2020 08:47:21 GMT
etag: "5e4e4799-3155"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Fri, 21 Feb 2020 15:13:32 GMT

GET
H2 200 logo-mindshare-2017.png
www.offremedia.com/sites/default/files/styles/150x100_manual_crop/public/logo/agence%20media/ 4 KB
4 KB 31ms
30ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/files/styles/150x100_manual_crop/public/logo/agence%20media/logo-mindshare-2017.png?itok=0SWR4bJs

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

ba519f167520041015c47629a0d3c462cfcb4b5dc9a3f9d7c9ab109271b311a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 4332
x-request-id: mcbrme6zhylpw44t527sq2d3
x-platform-cache: HIT
last-modified: Wed, 19 Feb 2020 23:04:13 GMT
etag: "5e4dbeed-10ec"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Fri, 21 Feb 2020 15:13:32 GMT

GET
H2 200 xtcore.js Show response
www.offremedia.com/sites/default/themes/offremedia/js/ 25 KB
25 KB 50ms
50ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/js/xtcore.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

02d3b1e2922f04eb669bf1cc6ef2843360ccdea38f7bc6eac65ea13c6f49856d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 25557
x-request-id: xuwfdcyrtvpfd6cggnk5ns5z
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-63d5"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 js_MLVgtzZ1ORq9krYqkeOsRay6ou_T-0QZytivuM9tTT8.js Show response
www.offremedia.com/sites/default/files/js/ 3 KB
966 B 34ms
34ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_MLVgtzZ1ORq9krYqkeOsRay6ou_T-0QZytivuM9tTT8.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

30b560b73675391abd92b62a91e3ac45acbaa2efd3fb4419cad8afb8cf6d4d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 889
x-request-id: 3hvndogsfbbgtjgal6q4m3g2
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-379"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 js_2lJC5gTZ8B3-P19n2LPEd0viiCEmLJ5gcIAFYex1r0U.js Show response
www.offremedia.com/sites/default/files/js/ 20 KB
4 KB 29ms
28ms Script
application/javascript 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/files/js/js_2lJC5gTZ8B3-P19n2LPEd0viiCEmLJ5gcIAFYex1r0U.js

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

da5242e604d9f01dfe3f5f67d8b3c4774be28821262c9e6070800561ec75af45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 3855
x-request-id: h4und5sridk3yzcyup3l2smb
x-platform-cache: HIT
last-modified: Mon, 03 Feb 2020 09:56:08 GMT
etag: "5e37ee38-f0f"
x-platform-cluster: yom7bnys4shvu-master
content-type: application/javascript
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 05 Mar 2020 14:53:32 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 42 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 10620
x-xss-protection: 0
pragma: public
x-fb-debug: tSNV6Vp8VgDJvEBBcKdIoARaw2UnPlfqCBPcEvdqzRsYZsHiHaYNZBO/7ifhaDFOH7DizFzfwOO+KkDjGB5LvQ==
x-fb-trip-id: 420120009
date: Thu, 20 Feb 2020 15:56:54 GMT, Thu, 20 Feb 2020 15:56:54 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1942610412518069 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1942610412518069?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22196d6026d6681df20ce7b20175824b1b58275a7ba17bc4f56372e3d54ee57a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114920
x-xss-protection: 0
pragma: public
x-fb-debug: OharQM21gE6t+NzyLLlDbZ7/voWV8LENcRswXrNTdAjanfPFBGfQj3D1MRWJdaWKI9qbG8EQi+LuXjFff5eGdg==
x-fb-trip-id: 420120009
date: Thu, 20 Feb 2020 15:56:54 GMT, Thu, 20 Feb 2020 15:56:54 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,700italic,400,700|Roboto:400,300,400italic,500,500italic,700,700italic,300italic

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e22ccc5dd50d9be21195e6d314c37585f7c766ee793d04384395d3d904aaaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 15:56:54 GMT
server: ESF
date: Thu, 20 Feb 2020 15:56:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Feb 2020 15:56:54 GMT

OPTIONS
H/1.1 200
OK call Show response
www14.smartadserver.com/3511/ 0
384 B 195ms
46ms XHR
text/plain 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/3511/call
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3511/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.offremedia.com
Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:53 GMT
Access-Control-Allow-Methods: GET, HEAD, POST
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.offremedia.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 0
Expires: -1

GET
H2 200 icones-menu-reseaux-top.jpg
www.offremedia.com/sites/default/themes/offremedia/images/ 2 KB
2 KB 37ms
37ms Image
image/jpeg 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/icones-menu-reseaux-top.jpg

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

f87191fcac2e1c95ac63a935e8336dd374a67fb06149197fe7c5fc01d5fbd299

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 2278
x-request-id: nzqucxl4obq4ts5i7cpehjmg
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-8e6"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 icone-compte.jpg
www.offremedia.com/sites/default/themes/offremedia/images/ 1 KB
2 KB 37ms
37ms Image
image/jpeg 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/icone-compte.jpg

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

b5f1e79943dbbbbabcd8d03e8e63035be75279c00e21933b1b1161c20ac9b74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 1531
x-request-id: wv6u4c5xcjtlknmmdj5fdd2z
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-5fb"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 menu-leaf.png
www.offremedia.com/sites/all/themes/contrib/omega/omega/images/misc/ 93 B
162 B 38ms
38ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/all/themes/contrib/omega/omega/images/misc/menu-leaf.png?1382488163

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

acdf3fc2b355892a8ec24107001266208d4ae71b20929bcc156e8a29b6a58b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_gEIRHNajO496bMahEquHPCn8-9ohrSlpkIdV9r2WMWQ.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 93
x-request-id: 33dlwssky72ig2egvgwwdaql
x-platform-cache: MISS
last-modified: Tue, 21 Jul 2015 09:22:05 GMT
etag: "55ae0f3d-5d"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 menu-expanded.png
www.offremedia.com/sites/all/themes/contrib/omega/omega/images/misc/ 79 B
172 B 38ms
37ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/all/themes/contrib/omega/omega/images/misc/menu-expanded.png?1382488163

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

9ba40822c0fc5646cfbd6203fa76a987663acfe3bf077053efb054886fd44655

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_gEIRHNajO496bMahEquHPCn8-9ohrSlpkIdV9r2WMWQ.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 79
x-request-id: e3hftf467bmab6km3jx4uwy5
x-platform-cache: MISS
last-modified: Tue, 21 Jul 2015 09:22:05 GMT
etag: "55ae0f3d-4f"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 loupe.png
www.offremedia.com/sites/default/themes/offremedia/images/ 1 KB
1 KB 38ms
38ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/loupe.png

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

7ae8c282c33cd4f743cd3595087e0d2983c33c9f8391502ba23e0319d2978e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 1443
x-request-id: yfew2gw62gapbalkxdhlo37b
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-5a3"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 Roboto-Regular.woff
www.offremedia.com/sites/default/themes/offremedia/fonts/ 91 KB
91 KB 38ms
38ms Font
font/woff 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/fonts/Roboto-Regular.woff

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

333eecf65eb808eda81d224189b54fa3b3decf7a70689e0b2ac9e8469e658f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
Origin: https://www.offremedia.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 93040
x-request-id: bvyjpepbkb75ntigdur7tx5i
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-16b70"
x-platform-cluster: yom7bnys4shvu-master
content-type: font/woff
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 BebasNeue-webfont.woff
www.offremedia.com/sites/default/themes/offremedia/fonts/ 18 KB
18 KB 37ms
37ms Font
font/woff 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/fonts/BebasNeue-webfont.woff

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

0cc7740c9468aaae51503c1e2a06376b3c946ff587e8eddf5265f92fd5508b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
Origin: https://www.offremedia.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 18036
x-request-id: cbybwmfaotdlazzb3zrptp6l
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-4674"
x-platform-cluster: yom7bnys4shvu-master
content-type: font/woff
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 bouton-home-breadcrumb.png
www.offremedia.com/sites/default/themes/offremedia/images/ 3 KB
3 KB 30ms
30ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/bouton-home-breadcrumb.png

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

22124b8595b71493566e55a661e7e87c0193775f57cb231c4a3eae88972ba77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 2777
x-request-id: twa4z6xg4vmvp2ratu2qhvce
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-ad9"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 punaise.png
www.offremedia.com/sites/default/themes/offremedia/images/ 1 KB
1 KB 30ms
30ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/punaise.png

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

f250ac53e515c63e0bf26e380c08d83011c097f35a0e40cd85b8742713cb914e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 1191
x-request-id: 5iph6qevzdlmf76erq3vcbfe
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-4a7"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 bulle-commentaire-orange.png
www.offremedia.com/sites/default/themes/offremedia/images/ 1 KB
1 KB 30ms
30ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/bulle-commentaire-orange.png

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

95717591bf3aff8799a0bd64afbfd11a7966bbeb659aab09ecba1295f92baafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 1185
x-request-id: en6oj5rgge46hvejnwgmevii
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-4a1"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 Roboto-Light-webfont.woff
www.offremedia.com/sites/default/themes/offremedia/fonts/ 103 KB
103 KB 37ms
37ms Font
font/woff 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/fonts/Roboto-Light-webfont.woff

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

7c1e38b0a72dcde35f9f7171eae6fdd95a0a6976203287afc6fbc46bfbda1f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
Origin: https://www.offremedia.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 105544
x-request-id: lhajlvfhucgc4uikfpc4krkw
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-19c48"
x-platform-cluster: yom7bnys4shvu-master
content-type: font/woff
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 Roboto-BoldCondensed.woff
www.offremedia.com/sites/default/themes/offremedia/fonts/ 91 KB
92 KB 36ms
36ms Font
font/woff 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/fonts/Roboto-BoldCondensed.woff

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

35ce21bb4e69fc457d758809dd0d9b4fd0836186fe676ed83cae6b83481066e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
Origin: https://www.offremedia.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 93676
x-request-id: wjpiadmctpjdme6szwthsxmr
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-16dec"
x-platform-cluster: yom7bnys4shvu-master
content-type: font/woff
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 Roboto-Bold.woff
www.offremedia.com/sites/default/themes/offremedia/fonts/ 92 KB
92 KB 38ms
38ms Font
font/woff 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/fonts/Roboto-Bold.woff

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

a98fd3347a8b522e21035fdf31d25927034018bc537142cbac820ade068d46fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
Origin: https://www.offremedia.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 94088
x-request-id: 7t7n7fbzxanye6r2n6znoxav
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-16f88"
x-platform-cluster: yom7bnys4shvu-master
content-type: font/woff
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 111ms
27ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=0&e=l&tse=1582214214309&et=257&tfz=24&sqid=1&bw=1600&bh=1200
Requested by: Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:54 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 fleche-droite-or.png
www.offremedia.com/sites/default/themes/offremedia/images/ 1015 B
1 KB 32ms
32ms Image
image/png 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/fleche-droite-or.png

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

3e01a0c44bb2fb0c5fa81a82c7a704b0b6827edf9ff4e2c04c3b056b21cd0559

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 1015
x-request-id: e6hxapt4xajd3r2q7kciywkx
x-platform-cache: MISS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-3f7"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
254 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1942610412518069&ev=PageView&dl=https%3A%2F%2Fwww.offremedia.com%2Frakuten-cree-sa-regie-rakuten-advertising&rl=&if=false&ts=1582214214342&sw=1600&sh=1200&v=2.9.15&r=stable&a=pldrupal-7-7.67&ec=0&o=30&fbp=fb.1.1582214214340.753634985&it=1582214214186&coo=false&rqm=GET

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT, Thu, 20 Feb 2020 15:56:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 20 Feb 2020 15:56:54 GMT

GET
H2 200 icones-menu-reseaux-bottom.jpg
www.offremedia.com/sites/default/themes/offremedia/images/ 3 KB
3 KB 32ms
32ms Image
image/jpeg 54.76.137.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offremedia.com/sites/default/themes/offremedia/images/icones-menu-reseaux-bottom.jpg

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

54.76.137.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

gw.eu.platform.sh

Software

Resource Hash

c56b0cf21454f224b9820c9d293176893616476c470b2422ed7d1077968205cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.offremedia.com/sites/default/files/css/css_QRxyy8r-hyWkFpgs7xCCeSbvfcBF93QuSFLrgv_xrcg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
status: 200
x-platform-processor: yom7bnys4shvu-master--php
strict-transport-security: max-age=0
content-length: 2885
x-request-id: fwaam3broyolo4gwhzov5jpy
x-platform-cache: BYPASS
last-modified: Mon, 02 Dec 2019 12:29:12 GMT
etag: "5de50398-b45"
x-platform-cluster: yom7bnys4shvu-master
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: yom7bnys4shvu-master--router
expires: Thu, 20 Feb 2020 15:56:53 GMT

GET
H2

200

hit.xiti
logs11.xiti.com/
Redirect Chain

https://logs11.xiti.com/hit.xiti?s=412528&p=&vrn=1&ac=&an=&lng=en-US&idp=1656542431954&jv=0&re=1600x1200&vtag=4.7.0&hl=16x56x54&r=1600x1200x24x24&rn=1582214214354&stc={%22device%22%3A%22desktop%22}...
https://logs11.xiti.com/hit.xiti?s=412528&p=&vrn=1&ac=&an=&lng=en-US&idp=1656542431954&jv=0&re=1600x1200&vtag=4.7.0&hl=16x56x54&r=1600x1200x24x24&rn=1582214214354&stc={%22device%22%3A%22desktop%22}...

35 B
129 B

28ms
28ms

Image
image/gif

34.253.156.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs11.xiti.com/hit.xiti?s=412528&p=&vrn=1&ac=&an=&lng=en-US&idp=1656542431954&jv=0&re=1600x1200&vtag=4.7.0&hl=16x56x54&r=1600x1200x24x24&rn=1582214214354&stc={%22device%22%3A%22desktop%22}&ref=&Rdt=On

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.253.156.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-156-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:54 GMT
content-length: 35
strict-transport-security: max-age=3600
content-type: image/gif

Redirect headers

status: 302
date: Thu, 20 Feb 2020 15:56:54 GMT
strict-transport-security: max-age=3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 269
location: /hit.xiti?s=412528&p=&vrn=1&ac=&an=&lng=en-US&idp=1656542431954&jv=0&re=1600x1200&vtag=4.7.0&hl=16x56x54&r=1600x1200x24x24&rn=1582214214354&stc={%22device%22%3A%22desktop%22}&ref=&Rdt=On
content-type: text/html; charset=utf-8

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 36ms
35ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?_=1582214214264

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/sites/default/files/js/js_a8MyAHRjajLu6SNTDzhm_ZUhUeIq_Ao6d-T9QrOU9BI.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: W/"5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 20 Feb 2020 15:56:54 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 33ms
33ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?_=1582214214265

Requested by

Host: www.offremedia.com
URL: https://www.offremedia.com/sites/default/files/js/js_a8MyAHRjajLu6SNTDzhm_ZUhUeIq_Ao6d-T9QrOU9BI.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: W/"5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 20 Feb 2020 15:56:54 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 30ms
30ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?_=1582214214264
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=17992
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

GET
H/1.1 200
OK Cookie set put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame D1D4 0
0 32ms
31ms Document
text/html 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "c0311cf15c21ddda054005e92fad3f9e:1582207439.610371"
Last-Modified: Thu, 20 Feb 2020 13:43:08 GMT
Server: AkamaiNetStorage
Content-Length: 416
Cache-Control: max-age=604800
Date: Thu, 20 Feb 2020 15:56:54 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Set-Cookie: akacd_widgets_routing=1582214214~rv=47~id=e8ed064f21f362026c88e328918e4884; path=/; Expires=Thu, 20 Feb 2020 15:56:54 GMT; HttpOnly; Secure; SameSite=None

GET
H/1.1 200
OK d3d3Lm9mZnJlbWVkaWEuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
475 B 109ms
47ms XHR
application/json 2.17.186.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm9mZnJlbWVkaWEuY29t

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.136 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-136.deploy.static.akamaitechnologies.com

Software

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains;
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=11634
Date: Thu, 20 Feb 2020 15:56:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: false
Content-Length: 15
Expires: Thu, 20 Feb 2020 19:10:48 GMT

POST
H/1.1

307
Temporary Redirect

call Show response
www14.smartadserver.com/3511/
Redirect Chain

https://www14.smartadserver.com/3511/call
https://www14.smartadserver.com/3511/call?cklb=1

0
-1 B

173ms
44ms

XHR

185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/3511/call?cklb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Access-Control-Allow-Origin: https://www.offremedia.com
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location: https://www14.smartadserver.com/3511/call?cklb=1
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Length: 0
Expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Location: https://www14.smartadserver.com/3511/call?cklb=1
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.offremedia.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 341ms
85ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1582214214581&sessionId=c4b5403f-5a27-fbbf-4a0f-8d84036f59f9&url=www.offremedia.com&cheqSource=1&cheqEvent=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ddc87be272fca7d1e81dace1db0871d6
Content-Length: 4
Expires: 0

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 37 KB
15 KB 102ms
22ms Script
text/javascript 2a02:6ea0:c710::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c710::2 , Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-487 /
Resource Hash: 8297b3c9baa6cbd5032dca312e1b1ec21289c2860f25b69650737f594c00d7ea

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: br
server: BunnyCDN-DE1-487
vary: Accept-Encoding
cdn-edgestorageid: 487
content-type: text/javascript; charset=utf-8
status: 200
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-pullzone: 62714
cdn-cachedat: 2020-02-19 15:48:32
cdn-requestid: 62b2a9936cff968982cc6b0592b45e91
cdn-requestcountrycode: DE
cdn-cache: HIT

OPTIONS
H/1.1 200
OK call Show response
www14.smartadserver.com/3511/ 0
384 B 46ms
46ms XHR
text/plain 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/3511/call?cklb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.offremedia.com
Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Access-Control-Allow-Methods: GET, HEAD, POST
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.offremedia.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK call Show response
www14.smartadserver.com/3511/ 2 KB
2 KB 48ms
48ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/3511/call?cklb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 406642b76d3ad9159e6d5f10303ed84252f2ef28a4dd5deb0aa8b616e49ea3df

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.offremedia.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 690
Expires: -1

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 1 KB
1 KB 300ms
106ms Script
text/javascript 54.172.89.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.offremedia.com%2Frakuten-cree-sa-regie-rakuten-advertising&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=1472928829392271102691513816279504718715190506&nc=0&tsf=0&tsfmi=&pv=0&cb=1582214214737&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=438074594&at=&bid=e30%3D&di=W1sxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiNyxtMmhUczJoaGliM2d5%0D%0AaFkwcEk2TDBFQ0NVQkFvRWtKTWdmQ1QwSkJEQzloaFpxS0tFSFRNY0JiTnh0dVRmMWV0dnVUdjJm%0D%0AdVpMQUVGTC82MGRhYnBHTTUreVpjODQ3N3d5Qy8rIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwi%0D%0ALSJdLFstNiwie1wid1wiOltcImZicVwiLFwiX2ZicVwiLFwiJFwiLFwialF1ZXJ5XCIsXCJEcnVw%0D%0AYWxcIixcImpRdWVyeTExMDIwODM1MDY0OTY3OTM0MDgxNlwiLFwic2FzXCIsXCJzYXNfYWRzXCIs%0D%0AXCJzYXNfYWpheFwiLFwic2FzX21hbmFnZXJcIixcInNhc191bnJlbmRlcmVkRm9ybWF0c1wiLFwi%0D%0Ac2FzX2NhbGxBZFwiLFwic2FzX2NhbGxBZHNcIixcInNhc19yZW5kZXJcIixcIlNtYXJ0QWRTZXJ2%0D%0AZXJBamF4T25lQ2FsbFwiLFwiU21hcnRBZFNlcnZlcl9pZnJhbWVcIixcIlNtYXJ0QWRTZXJ2ZXJc%0D%0AIixcIlNtYXJ0QWRTZXJ2ZXJBamF4XCIsXCJzYXNfZ2NmXCIsXCJzYXNfYXBwZW5kVG9Db250YWlu%0D%0AZXJcIixcInNhc2NjXCIsXCJzYXNtb2JpbGVcIixcInNhc19hZGRDbGVhbkxpc3RlbmVyXCIsXCJz%0D%0AYXNfY2xlYW5BZHNcIixcInNhc19jbGVhbkFkXCIsXCJzYXNfcmVuZGVyTW9kZVwiLFwic3VibGlt%0D%0AZVwiLFwiYXlhZHNcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwieHRudlwiLFwieHRzZFwiLFwi%0D%0AeHRzaXRlXCIsXCJ4dG4yXCIsXCJ4dHBhZ2VcIixcInh0ZGlcIixcInh0X211bHRjXCIsXCJ4dF9h%0D%0AblwiLFwieHRfYWNcIixcInh0Y3VzdG9tXCIsXCJ4dHBhcmFtXCIsXCJYdGNvbmZcIixcIkFUSW50%0D%0AZXJuZXRcIixcIlh0Y29yZVwiLFwiQVRXZWJvXCIsXCJBVFR2VHJhY2tpbmdcIixcInh0TG9nRG9t%0D%0AXCIsXCJ4dHRyZWRpclwiLFwieHdcIixcInhkXCIsXCJ4dHZcIl0sXCJuXCI6W10sXCJkXCI6W119%0D%0AIl0sWy03LCItIl0sWy04LCItIl0sWy05LCItIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwi%0D%0ALFwibVwiOltcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcImRlc2Ny%0D%0AaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDA0MTY2%0D%0ANjY2NjY2NjY2NjY3fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiMTYiXSxbLTE4LCJbMCww%0D%0ALDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIjI2NEJVQ1B3Il0sWy0y%0D%0AMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7%0D%0AXCJ0amhzXCI6OTc2Njk1MyxcInVqaHNcIjo4NjIyMjM3LFwiamhzbFwiOjEwOTg5MDc2NDh9Il0s%0D%0AWy0yNywiWzAsMTAsMCxcIjRnXCJdIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwy%0D%0ALDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMx%0D%0ALCJ0cnVlIl0sWy0zMiwiMSJdLFstMzMsIi0iXSxbLTM0LCItIl1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A207%2C%22y%22%3A759%2C%22w%22%3A770%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=24&cri=sfVJm7V7d3&sdd=%7B%7D&pto=686
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.172.89.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-89-8.compute-1.amazonaws.com
Software: /
Resource Hash: 66f1aef66395903137de593ae89450492bca9ee52450253370b74db50a812342

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 15:56:54 GMT
content-encoding: gzip
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 864
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nshow Show response
www14.smartadserver.com/h/ 9 KB
4 KB 51ms
51ms Script
application/javascript 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/h/nshow?siteid=319395&pgid=1139768&fmtid=83306&tag=sas_83306&tmstp=4094383689&visit=S&uii=310007641349193419&acd=1582214214701&ckid=1616266236683066176&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3Dtw2%3B%24qt%3D78_2531_69948t%3B%24dma%3D0%3B%24b%3D16740%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fwww.offremedia.com%2Frakuten-cree-sa-regie-rakuten-advertising&noadcbk=sas.noad&gdpr=1&insid=9306060%2C&capp=1%2C&mcrdbt=0%2C
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3511/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 120b769df2df1f8eeabab7af13edc2bacae20ffe0e9209f1dc7e18c0e5d9f6cb

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-SMRT-I: 9306060
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 3561
Expires: -1

GET
H/1.1 200
OK nshow Show response
www14.smartadserver.com/h/ 8 KB
4 KB 107ms
56ms Script
application/javascript 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/h/nshow?siteid=319395&pgid=1139768&fmtid=83308&tag=sas_83308&tmstp=4094383689&visit=S&uii=310007641349193420&acd=1582214214701&ckid=1616266236683066176&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3Dtw2%3B%24qt%3D78_2531_69948t%3B%24dma%3D0%3B%24b%3D16740%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fwww.offremedia.com%2Frakuten-cree-sa-regie-rakuten-advertising&noadcbk=sas.noad&gdpr=1&insid=9325077%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3511/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: faad3d228b7b578892bc517667baf8bd34e8e19ca93af4a513f8489c51ae44a7

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-SMRT-I: 9325077
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 3109
Expires: -1

GET
H/1.1 200
OK aip
www14.smartadserver.com/h/ 43 B
431 B 152ms
44ms Image
image/gif 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www14.smartadserver.com/h/aip?siteid=319395&pgid=1139768&fmtid=83307&tmstp=4094383689&visit=S&uii=310007641349193421&acd=1582214214701&ckid=1616266236683066176&pubid=21&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3dtw2%3b%24qt%3d78_2531_69948t%3b%24dma%3d0%3b%24b%3d16740%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=5120084292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Cache-Control: no-cache, no-store
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Type: image/gif
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK sas-interstitial-3.0.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/ 46 KB
13 KB 8ms
7ms Script
application/x-javascript 2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Requested by: Host: www14.smartadserver.com
URL: https://www14.smartadserver.com/h/nshow?siteid=319395&pgid=1139768&fmtid=83306&tag=sas_83306&tmstp=4094383689&visit=S&uii=310007641349193419&acd=1582214214701&ckid=1616266236683066176&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3Dtw2%3B%24qt%3D78_2531_69948t%3B%24dma%3D0%3B%24b%3D16740%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fwww.offremedia.com%2Frakuten-cree-sa-regie-rakuten-advertising&noadcbk=sas.noad&gdpr=1&insid=9306060%2C&capp=1%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 996d11ad82e6ddd1ce8130ec3fc04f6b56a6b43fb8aac302ef8c313c7ce37c98

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Feb 2020 07:27:12 GMT
Server: Apache
ETag: "938d86bd3e99ce0e5c4586746ba25ef4:1581578832"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12559

GET
H/1.1 200
OK S06-2020-Inter-Desktop-MediaEye-MEDIA_146eece7-5d82-46de-a9c9-eeb4ecce0a12.jpg
creatives.sascdn.com/diff/3511/9306060/ 158 KB
159 KB 17ms
17ms Image
image/jpeg 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.sascdn.com/diff/3511/9306060/S06-2020-Inter-Desktop-MediaEye-MEDIA_146eece7-5d82-46de-a9c9-eeb4ecce0a12.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: dc2e9047d931a5533cdf53f17f1b97edbde33f546b7416001f31bef557e69da0

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Last-Modified: Fri, 07 Feb 2020 18:29:32 GMT
Server: Apache
ETag: "bb29aeafe692ef5d10a2aae9c4cc3c46:1581100172"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 162146
Expires: Fri, 19 Feb 2021 15:56:54 GMT

GET
H/1.1 200
OK aip
www14.smartadserver.com/h/ 43 B
436 B 108ms
46ms Image
image/gif 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www14.smartadserver.com/h/aip?tmstp=4094383689&ckid=1616266236683066176&pubid=21&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3dtw2%3b%24qt%3d78_2531_69948t%3b%24dma%3d0%3b%24b%3d16740%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&uii=315355665906669556&acd=1582214214757&envtype=0&visit=S&statid=1&tgt=%24dt%3d1t%3b%24dt%3d1t%3b%24hc&imptype=0&pgDomain=https%3a%2f%2fwww.offremedia.com%2frakuten-cree-sa-regie-rakuten-advertising&capp=1&mcrdbt=0&insid=9306060&siteid=319395&imgid=25064654&pgid=1139768&fmtid=83306
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:54 GMT
Cache-Control: no-cache, no-store
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Type: image/gif
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 2 KB
2 KB 6ms
6ms Image
image/png 2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Last-Modified: Tue, 21 Nov 2017 13:19:51 GMT
Server: Apache
ETag: "dc45791e534223d16a4d14fa1a1a5f4e:1511270391"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1802

GET
H2 200 /
www.facebook.com/tr/ 44 B
105 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1942610412518069&ev=Microdata&dl=https%3A%2F%2Fwww.offremedia.com%2Frakuten-cree-sa-regie-rakuten-advertising&rl=&if=false&ts=1582214214844&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rakuten%20cr%C3%A9e%20sa%20r%C3%A9gie%20Rakuten%20Advertising%20%7C%20Offremedia%22%2C%22meta%3Adescription%22%3A%22Rakuten%20r%C3%A9unit%20son%20portefeuille%20mondial%20de%20propri%C3%A9t%C3%A9s%20m%C3%A9dias%2C%20sa%20division%20adtech%20et%20ses%20donn%C3%A9es%20propri%C3%A9taires%20au%20sein%20de%20sa%20nouvelle%20entit%C3%A9%20Rakuten%20Advertising.%22%7D&cd[OpenGraph]=%7B%22twitter%3Aimage%22%3A%22https%3A%2F%2Fwww.offremedia.com%2Fsites%2Fdefault%2Ffiles%2Foffremedia_logo_partage.jpg%22%2C%22twitter%3Adescription%22%3A%22Rakuten%20r%C3%A9unit%20son%20portefeuille%20mondial%20de%20propri%C3%A9t%C3%A9s%20m%C3%A9dias%2C%20sa%20division%20adtech%20et%20ses%20donn%C3%A9es%20propri%C3%A9taires%20au%20sein%20de%20sa%20nouvelle%20entit%C3%A9%20Rakuten%20Advertising.%22%2C%22twitter%3Atitle%22%3A%22Rakuten%20cr%C3%A9e%20sa%20r%C3%A9gie%20Rakuten%20Advertising%22%2C%22twitter%3Asite%22%3A%22%40Offremedia%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.offremedia.com%2Fsites%2Fdefault%2Ffiles%2Foffremedia_logo_partage.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=pldrupal-7-7.67&ec=1&o=30&fbp=fb.1.1582214214340.753634985&it=1582214214186&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:54 GMT, Thu, 20 Feb 2020 15:56:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 20 Feb 2020 15:56:54 GMT

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 27 KB
9 KB 5ms
5ms Script
application/x-javascript 2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: www14.smartadserver.com
URL: https://www14.smartadserver.com/h/nshow?siteid=319395&pgid=1139768&fmtid=83308&tag=sas_83308&tmstp=4094383689&visit=S&uii=310007641349193420&acd=1582214214701&ckid=1616266236683066176&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3Dtw2%3B%24qt%3D78_2531_69948t%3B%24dma%3D0%3B%24b%3D16740%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fwww.offremedia.com%2Frakuten-cree-sa-regie-rakuten-advertising&noadcbk=sas.noad&gdpr=1&insid=9325077%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2870d7c9fc35c10c8629b40f303ccdc62ea5f10c5b5c6020372628c3fa560a86

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Feb 2020 07:27:09 GMT
Server: Apache
ETag: "c9b26ac786dd108b2d1728edcf979e21:1581578829"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9025

GET
H/1.1 200
OK S08-2020-Pave-NRJ-global_7e372ead-8955-4094-a9ee-5c602509ea92.jpg
creatives.sascdn.com/diff/3511/9325077/ 40 KB
40 KB 8ms
7ms Image
image/jpeg 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.sascdn.com/diff/3511/9325077/S08-2020-Pave-NRJ-global_7e372ead-8955-4094-a9ee-5c602509ea92.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: f42861eceb707250bc42463116788c855ec14383eb513d02f0ef502f435a4b3c

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 15:56:54 GMT
Last-Modified: Wed, 19 Feb 2020 16:26:57 GMT
Server: Apache
ETag: "1fe12f4d157fc81341fd3c9780a667e8:1582129617"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40940
Expires: Fri, 19 Feb 2021 15:56:54 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 85ms
85ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1582214215045&sessionId=c4b5403f-5a27-fbbf-4a0f-8d84036f59f9&url=www.offremedia.com&cheqSource=1&cheqEvent=0&exitReason=4&responseTime=464
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:55 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e03b0ff5051c952b1803ea7a9977dc0
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
2 KB 193ms
126ms Script
text/x-json 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.offremedia.com%2Fnode%2F152042&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&idx=0&version=1050149&apv=false&sig=264BUCPw&format=html&va=true&rand=45834&pdobuid=-1&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&clss=u3eTJ8iEy%2BDXoAfSVdnmBsGke41TJ%2FYTMtqVbxpZY%2B%2FXz%2BiljONHSfqWQf%2BPSBK%2FoyXhrWhcJSkaAX4J&secured=true&cmpStat=0&ccpaStat=0&ref=&px=215&py=759&vpd=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

745b8801b4d7d7bb5219f39088ea98267ca733db1bb3ef789dc4823298696ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-traceid: bc62e987ec5792de9a379a02f3b0c502
content-length: 991
x-served-by: cache-jfk8122-JFK, cache-hhn4037-HHN
pragma: no-cache
x-timer: S1582214215.129148,VS0,VE95
date: Thu, 20 Feb 2020 15:56:55 GMT
vary: Accept-Encoding, User-Agent
content-type: text/x-json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
backend-ip: 104.156.90.22
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
86ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a451cd642c972c8aacc58f07fd6ba872&pvId=a451cd642c972c8aacc58f07fd6ba872&sid=3040233&pid=28788&idx=0&wId=100&pad=0&org=0&tm=773&eT=0&widgetWidth=770&widgetHeight=0&widgetX=215&widgetY=759&tpcs=0&wRV=1050149&pVis=0&lsd=90edfe06-c1fa-41d2-ac08-b8b190c1642d&eIdx=&cheq=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:55 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9de0e3facf051631c6d22edaf4ffaa11
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK Cookie set obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame C5F4 0
0 35ms
35ms Document
text/html 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: obuid=90edfe06-c1fa-41d2-ac08-b8b190c1642d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "356be3eaabfae643cce91ded40704c99:1579614658"
Last-Modified: Tue, 21 Jan 2020 13:50:51 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Date: Thu, 20 Feb 2020 15:56:55 GMT
Content-Length: 3555
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Set-Cookie: akacd_widgets_routing=1582214215~rv=69~id=5acb7e8950df024de8ea8e896bcc2361; path=/; Expires=Thu, 20 Feb 2020 15:56:55 GMT; HttpOnly; Secure; SameSite=None

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 167ms
85ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a451cd642c972c8aacc58f07fd6ba872&pvId=a451cd642c972c8aacc58f07fd6ba872&sid=3040233&pid=28788&idx=0&wId=100&pad=0&org=0&tm=778&eT=3&wRV=1050149&pVis=0&lsd=90edfe06-c1fa-41d2-ac08-b8b190c1642d&eIdx=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:55 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d927677a8b7ce2ddd9227e2214952b92
Content-Length: 4
Expires: 0

GET
H2 200 / Show response
geoworker.ayads.co/ 1 B
347 B 34ms
13ms XHR
text/plain 2606:4700:10::6814:b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoworker.ayads.co/
Requested by: Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 15:56:55 GMT
server: cloudflare
sublime-worker: true
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain;charset=UTF-8
status: 200
cf-ray: 5681ac5dbe890eb7-FRA
access-control-allow-origin: *
content-length: 1

GET
H/1.1 200
OK / Show response
optchk.ayads.co/ 25 B
288 B 135ms
28ms Script
application/javascript 54.72.218.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optchk.ayads.co/?callback=sublimeCb1582214214287
Requested by: Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.218.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-218-230.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 25ba5866aa6cf8eb21214b6d4e4bb2137d0cb861a34e2fd640ff1823f306d575

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:55 GMT
Server: nginx
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 25
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 0
802 B 491ms
363ms XHR
application/json 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=271254&pgid=1016030&fmtid=42281&visit=M&tmstp=1582214215333&out=json&sh=1200&sw=1600&tgt=json%3Bgm%3D0%3Bscreen%3Dlarge%3Blarge_screen%3DTRUE&gdpr=1
Requested by: Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/883
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
Origin: https://www.offremedia.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 15:56:55 GMT
X-SMRT-D: 3%3b21%3b68
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.offremedia.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 28ms
28ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&e=p&gd&gdv&tse=1582214215335&et=1283&tfz=1050&sqid=2&bw=1600&bh=1200&ph=2147
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 28ms
28ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=128120&at=skinz&sspname=sspv3-smartadserver&gcp=0&sspplid=271254%7C1016030%7C42281&isssp=1&e=sspc&tse=1582214215335&et=1283&tfz=1050&sqid=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 28ms
27ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=128120&at=skinz&sspname=sspv3-smartadserver&gcp=0&e=zvid1&tse=1582214215338&et=1286&tfz=1053&sqid=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 28ms
28ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=128120&at=skinz&sspname=sspv3-smartadserver&gcp=0&e=ddsv0&tse=1582214215338&et=1286&tfz=1053&sqid=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 28ms
27ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=128120&at=skinz&sspname=sspv3-smartadserver&gcp=0&e=datp1&tse=1582214215339&et=1287&tfz=1054&sqid=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK action
www14.smartadserver.com/track/ 43 B
168 B 48ms
48ms Image
image/gif 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www14.smartadserver.com/track/action?sid=1582214214803&pid=1139768&iid=9306060&cid=25064654&key=viewcount&ts=1582214214803
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 15:56:55 GMT
Cache-Control: private
Content-Length: 43
Content-Type: image/gif

GET
H2 200 image-167029.jpg
cdn.ayads.co/16/70/ 316 KB
316 KB 14ms
13ms Image
image/jpeg 2606:4700:10::6814:a25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ayads.co/16/70/image-167029.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e852a8aac85449de4fbfeb9f47d41feae94c57df966c39e800081a343b4cd8d

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:55 GMT
cf-cache-status: HIT
age: 930
status: 200
content-type: image/jpeg
content-length: 323194
x-amz-id-2: hk8r/HcwuK4GAdUih6obE902esmgsWPZONqE0hArAKs+j1/d4+1j2d0kJfOvQs8Tm2XgMTyhLTc=
last-modified: Fri, 14 Feb 2020 14:22:06 GMT
server: cloudflare
etag: "754cc5d9d76ff3b194e16b4d488fda7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CDEFF1369340DBF5
cache-control: max-age=86400
x-amz-version-id: I3lKh8QG1om6YrjI68vCoB0_h61aEgSd
accept-ranges: bytes
cf-ray: 5681ac61095c9704-FRA

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 29ms
28ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=128120&at=skinz&sspname=sspv3-smartadserver&gcp=0&sspplid=271254%7C1016030%7C42281&isssp=1&e=sspko&sspr=1&rt=494&tse=1582214215844&et=1792&tfz=1559&sqid=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 29ms
29ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=167029&at=skinz&sspname=sspv3-&gcp=0&pt=skinz&e=i0&mm=1&tse=1582214215844&et=1793&tfz=1559&sqid=8&bw=1600&bh=1200&ph=2157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 image-167029.jpg
cdn.ayads.co/16/70/ 316 KB
316 KB 12ms
12ms Image
image/jpeg 2606:4700:10::6814:a25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ayads.co/16/70/image-167029.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e852a8aac85449de4fbfeb9f47d41feae94c57df966c39e800081a343b4cd8d

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 15:56:55 GMT
cf-cache-status: HIT
age: 930
status: 200
content-type: image/jpeg
content-length: 323194
x-amz-id-2: hk8r/HcwuK4GAdUih6obE902esmgsWPZONqE0hArAKs+j1/d4+1j2d0kJfOvQs8Tm2XgMTyhLTc=
last-modified: Fri, 14 Feb 2020 14:22:06 GMT
server: cloudflare
etag: "754cc5d9d76ff3b194e16b4d488fda7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CDEFF1369340DBF5
cache-control: max-age=86400
x-amz-version-id: I3lKh8QG1om6YrjI68vCoB0_h61aEgSd
accept-ranges: bytes
cf-ray: 5681ac61297b9704-FRA

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 28ms
27ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=167029&at=skinz&sspname=sspv3-&gcp=0&pt=skinz&e=i1&mm=0&tse=1582214216828&et=2777&tfz=2543&sqid=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 29ms
28ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=167029&at=skinz&sspname=sspv3-&gcp=0&pt=skinz&e=i3&mm=0&tse=1582214218829&et=4777&tfz=4544&sqid=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 29ms
28ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=167029&at=skinz&sspname=sspv3-&gcp=0&pt=skinz&e=i4&mm=0&tse=1582214219829&et=5778&tfz=5544&sqid=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:56:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 /
antenna.ayads.co/ 43 B
188 B 29ms
28ms Image
image/gif 34.243.240.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?src=wf&t=1582214214052&ver=20200217093659&z=883&device=d&puid=p5811522850589486000&suid=s7102425123301863000&gc=0&gm=0&ga=1&gs=2&a=167029&at=skinz&sspname=sspv3-&gcp=0&pt=skinz&e=i5&mm=0&tse=1582214220830&et=6779&tfz=6545&sqid=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.offremedia.com/rakuten-cree-sa-regie-rakuten-advertising
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 15:57:00 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.offremedia.com/	1970-01-19 07:30:16	Name: __atuvs Value: 5e4eac4655aff0c5000
.www.offremedia.com/	1970-01-22 23:06:14	Name: xtant412528 Value: 1
.www.offremedia.com/	1970-01-22 23:06:14	Name: xtan412528 Value: -
.www.offremedia.com/	1970-01-22 23:06:14	Name: xtvrn Value: $412528$
www.offremedia.com/	1970-01-19 16:57:35	Name: __atuvc Value: 1%7C8
.offremedia.com/	1970-01-19 09:39:50	Name: _fbp Value: fb.1.1582214214340.753634985

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Call to "fbq('init', '1942610412518069', []);" with parameter "user_data" has an invalid value of "[]"
console-api	log	URL: https://www.offremedia.com/sites/default/files/js/js_BsBZkU29GcJoBkgYF5uAjRujXtzaByelLu6-99fwniY.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://sac.ayads.co/sublime/883(Line 5) Message: %cwf%cs%c background: #ED7D04;border-radius: 3px 0 0 3px;color: #fff;padding: 1px 3px; color: #3E3E40;padding: 1px 3px;background: #6bec7c;; background: #dedede;border-radius: 0 3px 3px 0;color: #292929;padding: 1px 3px; Ad displayed 167029
console-api	log	URL: https://sac.ayads.co/sublime/883(Line 5) Message: console.trace
console-api	log	URL: https://sac.ayads.co/sublime/883(Line 5) Message: console.groupEnd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ayads.co
antenna.ayads.co
cdn.ayads.co
ced-ns.sascdn.com
ced.sascdn.com
connect.facebook.net
creatives.sascdn.com
fonts.googleapis.com
geoworker.ayads.co
log.outbrainimg.com
logs11.xiti.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
optchk.ayads.co
s7.addthis.com
sac.ayads.co
tcheck.outbrainimg.com
widgets.outbrain.com
www.facebook.com
www.offremedia.com
www14.smartadserver.com
www8.smartadserver.com
z.moatads.com
151.101.114.2
185.86.137.43
185.86.138.32
2.16.186.113
2.17.186.136
23.210.248.44
23.210.250.213
23.210.250.44
2606:4700:10::6814:a25
2606:4700:10::6814:b25
2a00:1450:4001:81b::200a
2a01:4a0:1338:28::c38a:ff0a
2a01:4a0:1338:28::c38a:ff10
2a02:6ea0:c710::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.243.240.54
34.253.156.178
54.172.89.8
54.72.218.230
54.76.137.79
70.42.32.127
02d3b1e2922f04eb669bf1cc6ef2843360ccdea38f7bc6eac65ea13c6f49856d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06c059914dbd19c268064818179b808d1ba35edcda0727a52eeebef7d7f09e26
0cc7740c9468aaae51503c1e2a06376b3c946ff587e8eddf5265f92fd5508b2c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120b769df2df1f8eeabab7af13edc2bacae20ffe0e9209f1dc7e18c0e5d9f6cb
1fbab6c4e44a991f4037c431e6ca4a108069ed1ff01b66a902cc09a0251963b2
22124b8595b71493566e55a661e7e87c0193775f57cb231c4a3eae88972ba77e
22196d6026d6681df20ce7b20175824b1b58275a7ba17bc4f56372e3d54ee57a
25ba5866aa6cf8eb21214b6d4e4bb2137d0cb861a34e2fd640ff1823f306d575
2870d7c9fc35c10c8629b40f303ccdc62ea5f10c5b5c6020372628c3fa560a86
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
30b560b73675391abd92b62a91e3ac45acbaa2efd3fb4419cad8afb8cf6d4d3f
333eecf65eb808eda81d224189b54fa3b3decf7a70689e0b2ac9e8469e658f5d
35ce21bb4e69fc457d758809dd0d9b4fd0836186fe676ed83cae6b83481066e5
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3c0df311ea2f9a502deaafbc6234ba6590192e037664cbfebd6b2bf978740468
3e01a0c44bb2fb0c5fa81a82c7a704b0b6827edf9ff4e2c04c3b056b21cd0559
406642b76d3ad9159e6d5f10303ed84252f2ef28a4dd5deb0aa8b616e49ea3df
411c72cbcafe8725a416982cef10827926ef7dc045f7742e4852eb82fff1adc8
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
66f1aef66395903137de593ae89450492bca9ee52450253370b74db50a812342
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc3320074636a32eee923530f3866fd952151e22afc0a3a77e4fd42b394f412
6e168983731cd1ca7c4d1ef24ead503d31e952284507c581a4da0a8df4a38d81
6e22ccc5dd50d9be21195e6d314c37585f7c766ee793d04384395d3d904aaaa3
6e852a8aac85449de4fbfeb9f47d41feae94c57df966c39e800081a343b4cd8d
745b8801b4d7d7bb5219f39088ea98267ca733db1bb3ef789dc4823298696ca8
75ced8b6494d47160d9f0953da4a4e2070a5fd1e53f803bede973c2459c85441
79ed5640a2ba6cfe86f08e637c210dfaabbae4db6fa4f560434d4a5a6dd3e670
7ae8c282c33cd4f743cd3595087e0d2983c33c9f8391502ba23e0319d2978e1a
7c1e38b0a72dcde35f9f7171eae6fdd95a0a6976203287afc6fbc46bfbda1f2c
8042111cd6a33b8f7a6cc6a112ab873c29fcfbda21ad2969908755f6bd963164
8297b3c9baa6cbd5032dca312e1b1ec21289c2860f25b69650737f594c00d7ea
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91001be7e7491dd5ba8bbefbdc26e07ca310d277285c39788d03312023bcca76
95717591bf3aff8799a0bd64afbfd11a7966bbeb659aab09ecba1295f92baafd
996d11ad82e6ddd1ce8130ec3fc04f6b56a6b43fb8aac302ef8c313c7ce37c98
9ba40822c0fc5646cfbd6203fa76a987663acfe3bf077053efb054886fd44655
a18430e37c008ca74cde9ea753584b0c8de60e02f751f0b2a8fb2780d53a1a76
a98fd3347a8b522e21035fdf31d25927034018bc537142cbac820ade068d46fb
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
acdf3fc2b355892a8ec24107001266208d4ae71b20929bcc156e8a29b6a58b5c
b0be342f7ee3a09764b5bb4a0c299f81fdfc9c332e51c7a92ec773acf4fac791
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5f1e79943dbbbbabcd8d03e8e63035be75279c00e21933b1b1161c20ac9b74a
b77e15a9e319bc1d61f5fdc714f68bd16ed15c386591aa1f650f686e74a0c53a
ba519f167520041015c47629a0d3c462cfcb4b5dc9a3f9d7c9ab109271b311a9
c56b0cf21454f224b9820c9d293176893616476c470b2422ed7d1077968205cd
cbb739e9914511fd9e220c9d759603a415d18d6c2bcbb7cf93fe4bd03ef9f0b7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d73e56afa4c24b09911d12591503b2258465972e5eaf3b807ba7c29d9e5b1b2a
da5242e604d9f01dfe3f5f67d8b3c4774be28821262c9e6070800561ec75af45
dc2e9047d931a5533cdf53f17f1b97edbde33f546b7416001f31bef557e69da0
e2d24d44ee4d0f1b51fc6b1f6f356eb5c59a8b197377737d9dae87c40ebba51c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f250ac53e515c63e0bf26e380c08d83011c097f35a0e40cd85b8742713cb914e
f42861eceb707250bc42463116788c855ec14383eb513d02f0ef502f435a4b3c
f581e69e80cdb65e82a4849c13b6ff35ec9fcc043f94a83d1eec99c0997f25a8
f87191fcac2e1c95ac63a935e8336dd374a67fb06149197fe7c5fc01d5fbd299
faad3d228b7b578892bc517667baf8bd34e8e19ca93af4a513f8489c51ae44a7

www.offremedia.com Open in urlscan Pro 54.76.137.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

36 %IPv6

13 Domains

24 Subdomains

22 IPs

6 Countries

2204 kBTransfer

4049 kBSize

6 Cookies

6 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.offremedia.com Open in urlscan Pro
54.76.137.79 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

36 %
IPv6

13
Domains

24
Subdomains

22
IPs

6
Countries

2204 kB
Transfer

4049 kB
Size

6
Cookies

87 HTTP transactions
0 data transactions