lesboucans.com Open in urlscan Pro
192.155.110.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lesboucans.com/employee-handbook-template-word-collection/
Submission: On January 24 via manual (January 24th 2024, 5:03:22 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 60 HTTP transactions. The main IP is 192.155.110.18, located in Miami, United States and belongs to VELIANET-AS velia.net Internetdienste GmbH, DE. The main domain is lesboucans.com.
TLS certificate: Issued by R3 on December 4th 2023. Valid for: 3 months.

This is the only time lesboucans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	192.155.110.18 192.155.110.18	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25e... 2600:9000:25e8:c400:1f:b43c:f340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:306	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.223.67.189 76.223.67.189	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.19.157 104.18.19.157	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	92.205.6.179 92.205.6.179	21499 (GODADDY-SXB) (GODADDY-SXB)
1	2606:4700:20:... 2606:4700:20::681a:d24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
60	21

8 192.155.110.18 (Miami, United States)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
PTR: mia3000.dnsiaas.com

lesboucans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:c400:1f:b43c:f340:93a1 (United States)

ASN16509 (AMAZON-02, US)

templates.business-in-a-box.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:306 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bizmanualz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.67.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: a67c48129651a0940.awsglobalaccelerator.com

jarbasagnelli.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a66 (United States)

ASN13335 (CLOUDFLARENET, US)

images.template.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.157 (None, )

ASN13335 (CLOUDFLARENET, US)

img.lovepik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

cdn.free-power-point-templates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.205.6.179 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)
PTR: 179.6.205.92.host.secureserver.net

klariti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d24 (United States)

ASN13335 (CLOUDFLARENET, US)

templatelab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

twinelandlord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	121 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	226 KB
8	lesboucans.com lesboucans.com	61 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	7 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	71 KB
2	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2528	52 KB
2	gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com	681 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 4684	596 B
1	twinelandlord.com twinelandlord.com
1	templatelab.com templatelab.com — Cisco Umbrella Rank: 83396	259 KB
1	klariti.com klariti.com	37 KB
1	free-power-point-templates.com cdn.free-power-point-templates.com — Cisco Umbrella Rank: 387163
1	lovepik.com img.lovepik.com — Cisco Umbrella Rank: 227707	89 KB
1	template.net images.template.net — Cisco Umbrella Rank: 69517	15 KB
1	jarbasagnelli.com jarbasagnelli.com
1	bizmanualz.com www.bizmanualz.com	30 KB
1	business-in-a-box.com templates.business-in-a-box.com — Cisco Umbrella Rank: 507890	22 KB
60	20

	Domain	Requested by
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	pagead2.googlesyndication.com	lesboucans.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	lesboucans.com	lesboucans.com
5	mc.yandex.com	2 redirects lesboucans.com
4	fonts.googleapis.com	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects lesboucans.com
2	www.adsensecustomsearchads.com	www.google.com www.adsensecustomsearchads.com
2	www.google.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	encrypted-tbn0.gstatic.com	lesboucans.com
1	lh3.googleusercontent.com	lesboucans.com
1	partner.googleadservices.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	twinelandlord.com	lesboucans.com
1	templatelab.com	lesboucans.com
1	klariti.com	lesboucans.com
1	cdn.free-power-point-templates.com	lesboucans.com
1	img.lovepik.com	lesboucans.com
1	images.template.net	lesboucans.com
1	jarbasagnelli.com	lesboucans.com
1	www.bizmanualz.com	lesboucans.com
1	templates.business-in-a-box.com	lesboucans.com
60	23

This site contains no links.

Subject Issuer	Validity	Valid
*.lesboucans.com R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.business-in-a-box.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-12` - `2024-05-12`	a year	crt.sh
bizmanualz.com E1	`2023-12-11` - `2024-03-10`	3 months	crt.sh
jarbasagnelli.com Go Daddy Secure Certificate Authority - G2	`2024-01-21` - `2025-01-21`	a year	crt.sh
template.net GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.lovepik.com GeoTrust RSA CN CA G2	`2023-05-16` - `2024-05-24`	a year	crt.sh
cdn.free-power-point-templates.com R3	`2023-12-16` - `2024-03-15`	3 months	crt.sh
klariti.com Go Daddy Secure Certificate Authority - G2	`2024-01-09` - `2025-02-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
twinelandlord.com R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://lesboucans.com/employee-handbook-template-word-collection/
Frame ID: 9C3DD487B221AA0C0076DE896FF454E1
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9486820601950824&output=html&adk=1812271804&adf=3025194257&lmt=1706115796&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115796178&bpp=36&bdt=259&idt=194&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4052266879178&frm=20&pv=2&ga_vid=1089859481.1706115796&ga_sid=1706115796&ga_hid=1233320043&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164&oid=2&pvsid=987560357558181&tmod=2114396173&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241
Frame ID: 3A4B7C5C3E2A53EE85B4076B5AC86CE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9486820601950824&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706115796&rafmt=1&to=qs&pwprc=1611683665&format=1200x280&url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115796214&bpp=2&bdt=295&idt=211&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4052266879178&frm=20&pv=1&ga_vid=1089859481.1706115796&ga_sid=1706115796&ga_hid=1233320043&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164&oid=2&pvsid=987560357558181&tmod=2114396173&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=237
Frame ID: C7DA8D2DE9B3EE7673B48070CC466FE7
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-ed84426ea8d377d4b&fexp=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164%2C44808454%2C21404%2C17300002%2C17301371%2C17301383%2C71847096&iab_gdprApplies=false&client=pub-9486820601950824&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=9411706115796916&num=0&output=afd_ads&domain_name=lesboucans.com&v=3&bsl=10&pac=2&u_his=2&u_tz=60&dt=1706115796918&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1031&frm=0&cl=600476684&uio=-&cont=autors-container-0&drt=0&jsid=csa&jsv=600476684&rurl=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F
Frame ID: 6558CEA71DDAA4012E0BC6B5B7C28EEA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9486820601950824&output=html&h=600&slotname=6151472313&adk=1547593588&adf=284389943&pi=t.ma~as.6151472313&w=300&fwrn=4&fwrnh=100&lmt=1706115797&rafmt=7&format=300x600&url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115797742&bpp=7&bdt=1823&idt=8&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd496f9f0989340ff%3AT%3D1706115796%3ART%3D1706115796%3AS%3DALNI_MbuoJHK8VkzBGChHxonh60n51_kZg&gpic=UID%3D00000d483f4ec2ea%3AT%3D1706115796%3ART%3D1706115796%3AS%3DALNI_MaYeR5q8dZLDXzFR3-mVvt6u_X7Jg&prev_fmts=0x0%2C1200x280&nras=2&correlator=4052266879178&frm=20&pv=1&ga_vid=1089859481.1706115796&ga_sid=1706115796&ga_hid=1233320043&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164&oid=2&pvsid=987560357558181&tmod=2114396173&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=18
Frame ID: 6DF8DAD631B1D0E28A192C6524C2AD16
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C7CE0133BD7DB6CAAF1FE02557E37A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D78D2F7661140E3C5009D0329B5CD7F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Employee Handbook Template Word Collection

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

60
Requests

97 %
HTTPS

76 %
IPv6

20
Domains

23
Subdomains

21
IPs

6
Countries

1678 kB
Transfer

2738 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10258.gM3b0NuabUghSkxFF6eaO4J6vf_vEYKZ-iH4aUpnHa2f8ojPEsS8oZpgI5m9_m4x.ZGbM0aqQ-TxcYzDRXLfOMCSNmyY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10258.ST9nomENKF3Kiv0KH1KSid8kdrfnMQWyjv5wo2wMf-0Uf7j-_W5NaVLq1sstE0l7Lmc4UxenpRhchoNzXZk2j7iL9qauvCdRGbdx9_-8Cwvj-Fx69-a7c7Zto_UTMR6dEGG95AyxtbJSHQ6gijlHUMRjfLpMVwmkd-AmeLMXNWMqc2H7ztuUy4-7xFnjlEuUSVSCmF26smRA-XMRYS00U85tJ-rmLAN5moouPcSWyaA%2C.oFx8i0ljR2TnCDseHgX-QzHyWkQ%2C

Request Chain 51

https://mc.yandex.com/watch/68633485?wmode=7&page-url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A85770670411%3Ahid%3A839323156%3Az%3A60%3Ai%3A20240124180318%3Aet%3A1706115798%3Ac%3A1%3Arn%3A397601337%3Arqn%3A1%3Au%3A1706115798250364079%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C234%2C121%2C122%2C%2C0%2C%2C1755%2C0%2C%2C%2C%2C2602%3Aco%3A0%3Acpf%3A1%3Ans%3A1706115795192%3Afp%3A1142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706115798%3At%3AEmployee%20Handbook%20Template%20Word%20Collection&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/68633485/1?wmode=7&page-url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A85770670411%3Ahid%3A839323156%3Az%3A60%3Ai%3A20240124180318%3Aet%3A1706115798%3Ac%3A1%3Arn%3A397601337%3Arqn%3A1%3Au%3A1706115798250364079%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C234%2C121%2C122%2C%2C0%2C%2C1755%2C0%2C%2C%2C%2C2602%3Aco%3A0%3Acpf%3A1%3Ans%3A1706115795192%3Afp%3A1142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706115798%3At%3AEmployee%20Handbook%20Template%20Word%20Collection&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lesboucans.com/employee-handbook-template-word-collection/ 109 KB
37 KB 724ms
121ms Document
text/html 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: d66d1e381e54cb6709ea681a97f2522554a6c29af4130012247fd400d865c02e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 17:03:15 GMT
etag: "305516-1705837604;br"
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-litespeed-cache: hit
x-ua-compatible: IE=edge

GET
H2 200 461925a851d8b4862a37f60e5ec67fed.css
lesboucans.com/wp-content/litespeed/css/ 107 KB
13 KB 171ms
166ms Stylesheet
text/css 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/wp-content/litespeed/css/461925a851d8b4862a37f60e5ec67fed.css?ver=11ed8
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: 8b803355f4b14b0859865c735601a78362ebf6be2f0a073f3625cfe4667f83c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/employee-handbook-template-word-collection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 17:02:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 13553
expires: Thu, 23 Jan 2025 23:03:16 GMT

GET
H2 200 47f62ea16c86306dac0d5005e9a74e49.css
lesboucans.com/wp-content/litespeed/css/ 38 B
78 B 171ms
168ms Stylesheet
text/css 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/wp-content/litespeed/css/47f62ea16c86306dac0d5005e9a74e49.css?ver=9deb1
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: 61af24b5c9f2ee879adfadbe3789e9f1866717e1389949d9dec17b26bc18dd71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/employee-handbook-template-word-collection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
last-modified: Wed, 24 Jan 2024 17:02:41 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 38
expires: Thu, 23 Jan 2025 23:03:16 GMT

GET
H2 200 9bd4ce8a8fb7817627c02f07610e30f6.css
lesboucans.com/wp-content/litespeed/css/ 19 KB
4 KB 170ms
167ms Stylesheet
text/css 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/wp-content/litespeed/css/9bd4ce8a8fb7817627c02f07610e30f6.css?ver=4bb8c
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: 5b5ebb7b001ee9db0ec562fb9e0324e04c0bb75c2c0456131906cff29ce96cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/employee-handbook-template-word-collection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 17:02:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4411
expires: Thu, 23 Jan 2025 23:03:16 GMT

GET
H2 200 963edbe66e0fed434451aab1d6bdd0fc.css
lesboucans.com/wp-content/litespeed/css/ 7 KB
2 KB 169ms
166ms Stylesheet
text/css 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/wp-content/litespeed/css/963edbe66e0fed434451aab1d6bdd0fc.css?ver=43827
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: 8da66f99df70ebf9a875f65a4c5fbea079ee3500aab3c25e62d390a52b69ca06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/employee-handbook-template-word-collection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 17:02:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1511
expires: Thu, 23 Jan 2025 23:03:16 GMT

GET
H2 200 49eb47862fc954e3b58423356a0538ad.css
lesboucans.com/wp-content/litespeed/css/ 3 KB
454 B 170ms
167ms Stylesheet
text/css 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/wp-content/litespeed/css/49eb47862fc954e3b58423356a0538ad.css?ver=82c5d
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: 3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/employee-handbook-template-word-collection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 17:02:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 422
expires: Thu, 23 Jan 2025 23:03:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 80ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9486820601950824

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dad23afe71ea46591545e2839b64df3930d02ffc33a30570316280c691f70a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
Origin: https://lesboucans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51457
x-xss-protection: 0
server: cafe
etag: 11968135364970168241
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 24 Jan 2024 17:03:16 GMT

GET
H2 200 employee-handbook-D712.png
templates.business-in-a-box.com/imgs/1000px/ 22 KB
22 KB 213ms
14ms Image
image/png 2600:9000:25e8:c400:1f:b43c:f340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://templates.business-in-a-box.com/imgs/1000px/employee-handbook-D712.png
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e8:c400:1f:b43c:f340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2eb158b0dd12cac6aa6365ae7df1a7ead2339ec04c64a20b9fafa8bdd5c6ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: gYOnBiie7PghxNwCN_QNHROEol4i8lSN
date: Wed, 24 Jan 2024 06:07:10 GMT
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 39367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22034
last-modified: Tue, 21 Feb 2023 15:42:27 GMT
server: AmazonS3
etag: "2aa3caf4c79c716ca314ac6ce72f2e26"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: jAKpk_YEsbXYNN7Xmbn7pRWbxlaCg_iW0SKfZoUUMWEgqfRrKJnzAQ==

GET
H2 200 Employee-Handbook-New.png
www.bizmanualz.com/wp-content/uploads/2015/09/ 30 KB
30 KB 537ms
472ms Image
image/png 2606:4700:20::681a:306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bizmanualz.com/wp-content/uploads/2015/09/Employee-Handbook-New.png
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8f443006061dd7b5eccb7208fa5c644bc37f2d21e284602e7b7d155d5b4f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
cf-cache-status: MISS
last-modified: Thu, 04 May 2023 23:51:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6454450e-76b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9aBQkB6JYSZ4lxhESzcC0fVbS1BCIaLzQXOBHijSfpxVP8DVuwH11DvP4FY4Jwoi3WCeYqXCYtlGChRxbG%2FacuEQQ6OhHTZPa%2BrrUUHXgKD9SrsRG%2FdCC6pgs0EzC3ojbKq0gEBOXydJgr9scLRJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84a9d94dd8ac2c27-FRA
content-length: 30385

GET
H/1.1 200
OK employee-and-company-handbook-templates-smartsheet-regarding-sales-manual-template-728x394.png
jarbasagnelli.com/wp-content/uploads/2020/06/ 0
0 422ms
134ms Image
text/html 76.223.67.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jarbasagnelli.com/wp-content/uploads/2020/06/employee-and-company-handbook-templates-smartsheet-regarding-sales-manual-template-728x394.png
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.67.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a67c48129651a0940.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 Restaurant-Employee-Handbook-Template.jpg
images.template.net/wp-content/uploads/2020/04/ 15 KB
15 KB 226ms
192ms Image
image/webp 2606:4700::6812:a66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.template.net/wp-content/uploads/2020/04/Restaurant-Employee-Handbook-Template.jpg

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3539fe0586a52479f7b60b2d938aa2a6d7580f8ee55d5e5fd05e4b0cb5d9974f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
x-amz-version-id: ZZuLGOVGMwrV2ZhfWqVDjdysW_MwXPQ2
cf-cache-status: HIT
strict-transport-security: max-age=15552000
x-amz-request-id: KGCK9TEWBAP0HWP4
cf-polished: qual=85, origFmt=jpeg, origSize=74176
content-disposition: inline; filename="Restaurant-Employee-Handbook-Template.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15190
x-amz-id-2: D3+OuQQ5uTPg3bP0wQYTlTM+kdM1mrEAUNs+pYI64sJUbTQB5ukVjDG8roQcDa7ZIf3kcNbM+gs=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Apr 2020 07:40:15 GMT
server: cloudflare
etag: "ca7750749b7b687693c308c3bcbdf462"
vary: Accept
content-type: image/webp
cache-control: public, max-age=195575818
accept-ranges: bytes
cf-ray: 84a9d94da9e3bb38-FRA
expires: Sat, 06 Apr 2030 07:40:14 GMT

GET
H2 200 0760.jpg!wh650
img.lovepik.com/word/40015/ 89 KB
89 KB 687ms
655ms Image
image/jpeg 104.18.19.157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lovepik.com/word/40015/0760.jpg!wh650
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2806f2589335e24295444a155665206b96f8c076a070e167b9b9c0a0215c53c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
via: T.207.-, V.403-zj-fud-209, S.pcw-cn-hkg-166, T.166.N, V.pcw-cn-hkg-165, T.187.M, M.gtt-us-lax1-187
cf-cache-status: MISS
last-modified: Thu, 23 Aug 2018 07:02:00 GMT
server: cloudflare
etag: "4ae420f43c0d23895a0cbb5ba20fa84c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
x-source: U/200, G/304
accept-ranges: bytes
cf-ray: 84a9d94d9b2d2c35-FRA
content-length: 91105
x-request-id: 57b94fecc6fe50977bd22331b7cd2082
expires: Sun, 28 Jul 2024 17:03:16 GMT

GET
H2 403 employee-handbook-template.png
cdn.free-power-point-templates.com/articles/wp-content/uploads/2013/06/ 0
0 86ms
7ms Image
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.free-power-point-templates.com/articles/wp-content/uploads/2013/06/employee-handbook-template.png
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 employee-manual-1.gif
klariti.com/wp-content/uploads/2011/07/ 37 KB
37 KB 44ms
11ms Image
image/gif 92.205.6.179
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klariti.com/wp-content/uploads/2011/07/employee-manual-1.gif
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.205.6.179 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 179.6.205.92.host.secureserver.net
Software: Apache / W3 Total Cache/0.9.1.3
Resource Hash: e8c906c531a937a424830f506face049d80555048e90aaf1c3d3fcf495d2a3e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
last-modified: Thu, 02 Feb 2017 21:50:10 GMT
server: Apache
x-powered-by: W3 Total Cache/0.9.1.3
vary: User-Agent
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38079
expires: Thu, 23 Jan 2025 17:03:16 GMT

GET
H2 200 employee-handbook-template-01.jpg
templatelab.com/wp-content/uploads/2019/03/ 258 KB
259 KB 293ms
238ms Image
image/jpeg 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://templatelab.com/wp-content/uploads/2019/03/employee-handbook-template-01.jpg
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf85842b551e251c339b988bbb71d52f64455783459a615c29b3108a1eed21d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 24 Mar 2021 12:58:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "605b3784-408d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5a9ZJyqWNqJ%2BnNlVKB6iSDCwHn6xmEnAFsIajJy%2B9EDd1aUd8NXW1d9Ee0%2FPiJVdcRzL65Xw9U0DzsZQ6naTpF4BGestkjcH2wCQ%2B50P%2BN4o7jzygHMjhB8Owu9lGWdd0OOJroCb0uZBiAiSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 84a9d94dcbaabbe6-FRA
content-length: 264404

GET
H2 200 smooth-scroll.min.js Show response
lesboucans.com/wp-content/plugins/gp-premium/general/js/ 7 KB
3 KB 141ms
139ms Script
application/javascript 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.4.0
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/employee-handbook-template-word-collection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
last-modified: Tue, 09 Jan 2024 19:30:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2548
expires: Thu, 23 Jan 2025 23:03:16 GMT

GET
H2 200 menu.min.js Show response
lesboucans.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 141ms
140ms Script
application/javascript 192.155.110.18
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://lesboucans.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.155.110.18 Miami, United States, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: mia3000.dnsiaas.com
Software: LiteSpeed /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/employee-handbook-template-word-collection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
last-modified: Sat, 02 Dec 2023 13:49:21 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1535
expires: Thu, 23 Jan 2025 23:03:16 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ 403 KB
137 KB 95ms
71ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9486820601950824&plah=lesboucans.com&bust=31080602

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9486820601950824

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab4c06d8269debcc7f296c0df3d7409b83fa2e8c1130c5d2f673cbf7b77846c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139801
x-xss-protection: 0
server: cafe
etag: 871984631629240798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:03:16 GMT

GET
H/1.1 403
Forbidden invoke.js
twinelandlord.com/9a180e523d269be9be4af1f8a0e6be3f/ 0
0 1480ms
97ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://twinelandlord.com/9a180e523d269be9be4af1f8a0e6be3f/invoke.js
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://lesboucans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 24 Jan 2024 17:03:17 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A4B 18 KB
6 KB 278ms
236ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9486820601950824&output=html&adk=1812271804&adf=3025194257&lmt=1706115796&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115796178&bpp=36&bdt=259&idt=194&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4052266879178&frm=20&pv=2&ga_vid=1089859481.1706115796&ga_sid=1706115796&ga_hid=1233320043&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164&oid=2&pvsid=987560357558181&tmod=2114396173&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9486820601950824&plah=lesboucans.com&bust=31080602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22c8a95be08fa5f3a1e1319fee8749cdcefd166115cdd92feab9bdc674c3d07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5441
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:16 GMT
expires: Wed, 24 Jan 2024 17:03:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7DA 724 B
531 B 291ms
273ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9486820601950824&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706115796&rafmt=1&to=qs&pwprc=1611683665&format=1200x280&url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115796214&bpp=2&bdt=295&idt=211&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4052266879178&frm=20&pv=1&ga_vid=1089859481.1706115796&ga_sid=1706115796&ga_hid=1233320043&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164&oid=2&pvsid=987560357558181&tmod=2114396173&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=237

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d12e8e3570f48c2d4eccda9ef018f3488718c45481f8879b20f90bcc08bc7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:16 GMT
expires: Wed, 24 Jan 2024 17:03:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-9486820601950824 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 99ms
39ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9486820601950824?ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa6e8617d8e6a4d96859fba6905d3cc70a3f7d624e3b2cf285933d7ff8e6b39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GV26xbTRdxKPag3lqXa5EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-GV26xbTRdxKPag3lqXa5EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6OK61H17IJ3Hi_rpsZAL2bWD0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-ads.js Show response
www.google.com/adsense/search/ 137 KB
50 KB 79ms
52ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d37b8fba94f6c1f2728bb536f6026dbc3a3428b9d5e900f570931596e75a1802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "4970861218833145909"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Wed, 24 Jan 2024 17:03:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 157ms
156ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44808454&hl=en&pvc=987560357558181

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
857 B 62ms
23ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41636f670baaf6e960589364510199e9a19993f58f88c62cb79fa000b473677c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 17:03:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
731 B 69ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 16:44:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 591 B
440 B 63ms
23ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

388b9c1a78accd63d3c23eb6b9ab98b51165a8a9ef4b09efb14f5b4a71e7f2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 17:03:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
731 B 67ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 16:41:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:16 GMT

GET
H2 200 HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
fonts.gstatic.com/s/googlesymbols/v247/ 671 KB
672 KB 52ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesymbols/v247/HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14ce897583c4d726d504fd6212fea94217d039d7fc9a1765c2f33c9cb7e808e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lesboucans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 02:35:11 GMT
x-content-type-options: nosniff
age: 52085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 687600
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 21:35:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 02:35:11 GMT

GET
H2 200 AGSKWxXqE51nXVCRaGN_zEVjRY02RqPkEZjkuqzdDi2U3NNRD9cFkcr7CLGvecf2CctnJCMPU2oG8KXttqiY3kB83P0dM5VeJAOKLxUiIRGmAeH4yM6GEt7R1nGcVl0LP3FIQSLVu0TGvw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 56ms
46ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXqE51nXVCRaGN_zEVjRY02RqPkEZjkuqzdDi2U3NNRD9cFkcr7CLGvecf2CctnJCMPU2oG8KXttqiY3kB83P0dM5VeJAOKLxUiIRGmAeH4yM6GEt7R1nGcVl0LP3FIQSLVu0TGvw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MTE1Nzk2LDg5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sZXNib3VjYW5zLmNvbS9lbXBsb3llZS1oYW5kYm9vay10ZW1wbGF0ZS13b3JkLWNvbGxlY3Rpb24vIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb37641ff27c72d1d32d559ff02987d2da7007c6d98b9ecc3a8cb870bcd13143

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RrcOlbYmsKP61lAK95ioHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RrcOlbYmsKP61lAK95ioHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6OK61H17IJnHhy7CAzALqbWGw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 382 B
596 B 118ms
16ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lesboucans.com&client=partner-pub-9486820601950824&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90ad5936c397bb63f7a26dd7215c97d472f818914ab5d860f6e4d2b00949f719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0

GET
H2 200 ads Show response
www.adsensecustomsearchads.com/afs/ Frame 6558 1 KB
1 KB 141ms
96ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-ed84426ea8d377d4b&fexp=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164%2C44808454%2C21404%2C17300002%2C17301371%2C17301383%2C71847096&iab_gdprApplies=false&client=pub-9486820601950824&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=9411706115796916&num=0&output=afd_ads&domain_name=lesboucans.com&v=3&bsl=10&pac=2&u_his=2&u_tz=60&dt=1706115796918&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1031&frm=0&cl=600476684&uio=-&cont=autors-container-0&drt=0&jsid=csa&jsv=600476684&rurl=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

815a181cda83682e61e86fb78311f4b58c8e3387cc4773d7f6cf4ac354f4882b

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-lscns3IXzinQNgOofCW6rQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 552
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-lscns3IXzinQNgOofCW6rQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Wed, 24 Jan 2024 17:03:16 GMT
expires: Wed, 24 Jan 2024 17:03:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H3 200 AGSKWxVprNt6IUxIjhbX-LSLDRLI4qGxMzlla-phW6MzSc15YwbvAxkPLyr10p2c83zdgBjGkUp6OOT58g82qUxcJxXSfKFoOq02dIruaIwdAEwLig0pLvNteP_CKZpFPQm0tPSv3P2miw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 68ms
62ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVprNt6IUxIjhbX-LSLDRLI4qGxMzlla-phW6MzSc15YwbvAxkPLyr10p2c83zdgBjGkUp6OOT58g82qUxcJxXSfKFoOq02dIruaIwdAEwLig0pLvNteP_CKZpFPQm0tPSv3P2miw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MTE1Nzk2LDk2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbGVzYm91Y2Fucy5jb20vZW1wbG95ZWUtaGFuZGJvb2stdGVtcGxhdGUtd29yZC1jb2xsZWN0aW9uLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed745946c4389cb3e6d427f24370497554812e70864e32ea668814ba5495d88d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EdZq0bQxD_ACS4lMUqxSQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-EdZq0bQxD_ACS4lMUqxSQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIW6Oq61H17IJNOxaxwYAWG9XGw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
www.adsensecustomsearchads.com/adsense/search/ Frame 6558 137 KB
50 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/adsense/search/ads.js?pac=2

Requested by

Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-ed84426ea8d377d4b&fexp=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164%2C44808454%2C21404%2C17300002%2C17301371%2C17301383%2C71847096&iab_gdprApplies=false&client=pub-9486820601950824&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=9411706115796916&num=0&output=afd_ads&domain_name=lesboucans.com&v=3&bsl=10&pac=2&u_his=2&u_tz=60&dt=1706115796918&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1031&frm=0&cl=600476684&uio=-&cont=autors-container-0&drt=0&jsid=csa&jsv=600476684&rurl=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45d45a1b05593a030896a01427f87cf85208ef3ad24341464351e03b34620a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "5218722739584108078"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Wed, 24 Jan 2024 17:03:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 154ms
153ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfns&evt=place&vh=1200&eid=44808454&hl=en&pvc=987560357558181

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _adhub_.php Show response
fundingchoicesmessages.google.com/f/AGSKWxUL1HdIsorwKuRJigrh_TwdgnIPw6qz06HsXTn2gSPp_XUoIx80EJkvFSW-hD1lJj7astqLzgQEUdxCNmHTpTSjPxgGmerL0uAp-oCyO_pqHqJkG3w90XKluSsZ1xvA2OeZGck3xzLOCpewsCh42GEIi96BV... 54 B
110 B 26ms
25ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUL1HdIsorwKuRJigrh_TwdgnIPw6qz06HsXTn2gSPp_XUoIx80EJkvFSW-hD1lJj7astqLzgQEUdxCNmHTpTSjPxgGmerL0uAp-oCyO_pqHqJkG3w90XKluSsZ1xvA2OeZGck3xzLOCpewsCh42GEIi96BVsXBE1yqJlLiAZp0I4lxl5R-Yde0Iymt/_/sponsoredcontent..uk/ads/_adhub_.php?ad=-468x60.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwYguaqMDE6-xBWX4yxN0KelhKGPw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40ada7b1de30230483866516ed65de4d9f78b84d03201e4dc80a44f7f8e04f1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HMMg-LEjcvMP-GrXRipnMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-HMMg-LEjcvMP-GrXRipnMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6Oq61H17IJfOg9t50JALx_WD4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:52:22 GMT

POST
H3 204 AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
27ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ooqUjnK16ApBPv9weqYC3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-ooqUjnK16ApBPv9weqYC3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lesboucans.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 27ms
18ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yk1K2113nAIArb8XfLxXgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-Yk1K2113nAIArb8XfLxXgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lesboucans.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 22ms
22ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YJg7rDPjXGxZ1l-U4kSZ_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YJg7rDPjXGxZ1l-U4kSZ_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lesboucans.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
30ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Dee5Oqp9peJ332EdP211Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Dee5Oqp9peJ332EdP211Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lesboucans.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXpvgO4tbnVcpNXsnBChZR7nuynFDo5QVCCgJe15CWg2HnviVkbXwbRTU_zg2q7LCSvy7vZ_4X7P9cgfEaqnv_qnrU6FjLLiQZ-fqGw_oGaKxV3m5YZPLqlBm7FDBwX83VF0jktxg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXpvgO4tbnVcpNXsnBChZR7nuynFDo5QVCCgJe15CWg2HnviVkbXwbRTU_zg2q7LCSvy7vZ_4X7P9cgfEaqnv_qnrU6FjLLiQZ-fqGw_oGaKxV3m5YZPLqlBm7FDBwX83VF0jktxg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MTE1Nzk3LDY2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9sZXNib3VjYW5zLmNvbS9lbXBsb3llZS1oYW5kYm9vay10ZW1wbGF0ZS13b3JkLWNvbGxlY3Rpb24vIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80aa3e86a7473250f00293a8229f87826e1451ab6238469987ebe869437898eb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4VpZ9-xw_lW6HuPlgPzJ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4VpZ9-xw_lW6HuPlgPzJ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6Oq61H17IJHJj-5xITALOdWFY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWl2K19c6FwI-J8aXQYtzvFfQa37PS4IMqp3hnf2e_Xtf-rhn3UjCxCbP5UaFoMco-gvihzvn8kpeUmmnezynz4k2Vg521meoZ9zy44fJjmXkU9Sknsn5GevGCGiPVitAA7T0JY0A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 19ms
18ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWl2K19c6FwI-J8aXQYtzvFfQa37PS4IMqp3hnf2e_Xtf-rhn3UjCxCbP5UaFoMco-gvihzvn8kpeUmmnezynz4k2Vg521meoZ9zy44fJjmXkU9Sknsn5GevGCGiPVitAA7T0JY0A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EqANnQVh5cM5eDo05HW2YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-EqANnQVh5cM5eDo05HW2YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lesboucans.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 28ms
27ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3SggQlq4f1fJNI4WRDVek6X9cegx2nJcKFgpP-VXdeWJtonmMZ0SWT9q_JyCsuNXxDsVGA7xey9NK_0CLW3OgqWNY-Nkuxcg6tSr_vhnkxT_R4S1NDkOpBRY91GvWCUFr3KLhUg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8H1rPQmbHSetyz_9LUOI9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-8H1rPQmbHSetyz_9LUOI9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lesboucans.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 155ms
154ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=987560357558181

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DF8 436 B
533 B 262ms
260ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9486820601950824&output=html&h=600&slotname=6151472313&adk=1547593588&adf=284389943&pi=t.ma~as.6151472313&w=300&fwrn=4&fwrnh=100&lmt=1706115797&rafmt=7&format=300x600&url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115797742&bpp=7&bdt=1823&idt=8&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd496f9f0989340ff%3AT%3D1706115796%3ART%3D1706115796%3AS%3DALNI_MbuoJHK8VkzBGChHxonh60n51_kZg&gpic=UID%3D00000d483f4ec2ea%3AT%3D1706115796%3ART%3D1706115796%3AS%3DALNI_MaYeR5q8dZLDXzFR3-mVvt6u_X7Jg&prev_fmts=0x0%2C1200x280&nras=2&correlator=4052266879178&frm=20&pv=1&ga_vid=1089859481.1706115796&ga_sid=1706115796&ga_hid=1233320043&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C95322747%2C31080602%2C95321957%2C95320888%2C95321626%2C95322164&oid=2&pvsid=987560357558181&tmod=2114396173&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=18

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d93006a28eb1cd9c4e1385b0bb7adb5dbe2d0eed58a17e630e6b12bf6d5cf5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:18 GMT
expires: Wed, 24 Jan 2024 17:03:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 173ms
55ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 22 Jan 2024 14:13:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65ae77f0-11838"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71736
expires: Wed, 24 Jan 2024 18:03:17 GMT

GET
H2 403 xkfbwSmM7Jgc_rjE8T59amXb_cOdlBP7iHRQXcSR_iHSmdhghQFVCCNji_Xhkxet3KgiQVII-cTZzg1P8To5fZm8H4bn0tX_9lWpE_L5kx2_r7VeTn3H37oVqERet14Wur2hJFA5X531Aixhuoc6ODbMQbgIv5nlXcVupODGX6OJOwLMdpbUHcqGWNcBkcZvdga4s...
lh3.googleusercontent.com/proxy/ 0
0 51ms
18ms Image
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/proxy/xkfbwSmM7Jgc_rjE8T59amXb_cOdlBP7iHRQXcSR_iHSmdhghQFVCCNji_Xhkxet3KgiQVII-cTZzg1P8To5fZm8H4bn0tX_9lWpE_L5kx2_r7VeTn3H37oVqERet14Wur2hJFA5X531Aixhuoc6ODbMQbgIv5nlXcVupODGX6OJOwLMdpbUHcqGWNcBkcZvdga4sZVQ4RbiNbwKBbfCocTRwevQ03zjvQU6
Requested by: Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 9 KB
9 KB 58ms
15ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQeMp0RP0T64pccx1lN9UyrGf-9QO4Qj3xzRA&usqp=CAU

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51e261391b2eb43f60bad54dc9f0816ea3ffacdd20713777e0555ebb0387c5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:17 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8805
x-xss-protection: 0
last-modified: Wed, 22 Aug 2018 17:06:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Jan 2025 17:03:17 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10258.gM3b0NuabUghSkxFF6eaO4J6vf_vEYKZ-iH4aUpnHa2f8ojPEsS8oZpgI5m9_m4x.ZGbM0aqQ-TxcYzDRXLfOMCSNmyY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10258.ST9nomENKF3Kiv0KH1KSid8kdrfnMQWyjv5wo2wMf-0Uf7j-_W5NaVLq1sstE0l7Lmc4UxenpRhchoNzXZk2j7iL9qauvCdRGbdx9_-8Cwvj-Fx69-a7c7Zto_UTMR6dEGG95Ayxtb...

43 B
672 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10258.ST9nomENKF3Kiv0KH1KSid8kdrfnMQWyjv5wo2wMf-0Uf7j-_W5NaVLq1sstE0l7Lmc4UxenpRhchoNzXZk2j7iL9qauvCdRGbdx9_-8Cwvj-Fx69-a7c7Zto_UTMR6dEGG95AyxtbJSHQ6gijlHUMRjfLpMVwmkd-AmeLMXNWMqc2H7ztuUy4-7xFnjlEuUSVSCmF26smRA-XMRYS00U85tJ-rmLAN5moouPcSWyaA%2C.oFx8i0ljR2TnCDseHgX-QzHyWkQ%2C

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:18 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10258.ST9nomENKF3Kiv0KH1KSid8kdrfnMQWyjv5wo2wMf-0Uf7j-_W5NaVLq1sstE0l7Lmc4UxenpRhchoNzXZk2j7iL9qauvCdRGbdx9_-8Cwvj-Fx69-a7c7Zto_UTMR6dEGG95AyxtbJSHQ6gijlHUMRjfLpMVwmkd-AmeLMXNWMqc2H7ztuUy4-7xFnjlEuUSVSCmF26smRA-XMRYS00U85tJ-rmLAN5moouPcSWyaA%2C.oFx8i0ljR2TnCDseHgX-QzHyWkQ%2C
date: Wed, 24 Jan 2024 17:03:18 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
522 B 55ms
55ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: lesboucans.com
URL: https://lesboucans.com/employee-handbook-template-word-collection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jan 2024 16:14:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65a94e6e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 24 Jan 2024 18:03:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
53ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f891cad0fa5c3b75f43af485ff0c8ae47aba0a0e575ea235c3ba21fdec6a4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12154
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/68633485/
Redirect Chain

https://mc.yandex.com/watch/68633485?wmode=7&page-url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk6...
https://mc.yandex.com/watch/68633485/1?wmode=7&page-url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6u...

447 B
566 B

62ms
61ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/68633485/1?wmode=7&page-url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A85770670411%3Ahid%3A839323156%3Az%3A60%3Ai%3A20240124180318%3Aet%3A1706115798%3Ac%3A1%3Arn%3A397601337%3Arqn%3A1%3Au%3A1706115798250364079%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C234%2C121%2C122%2C%2C0%2C%2C1755%2C0%2C%2C%2C%2C2602%3Aco%3A0%3Acpf%3A1%3Ans%3A1706115795192%3Afp%3A1142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706115798%3At%3AEmployee%20Handbook%20Template%20Word%20Collection&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

420789f7b5e69a392f781aca7c8ee00db2b590878978ccd4b3c24b71c266eb4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 24-Jan-2024 17:03:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://lesboucans.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 17:03:18 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:18 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24-Jan-2024 17:03:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/68633485/1?wmode=7&page-url=https%3A%2F%2Flesboucans.com%2Femployee-handbook-template-word-collection%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A85770670411%3Ahid%3A839323156%3Az%3A60%3Ai%3A20240124180318%3Aet%3A1706115798%3Ac%3A1%3Arn%3A397601337%3Arqn%3A1%3Au%3A1706115798250364079%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C234%2C121%2C122%2C%2C0%2C%2C1755%2C0%2C%2C%2C%2C2602%3Aco%3A0%3Acpf%3A1%3Ans%3A1706115795192%3Afp%3A1142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706115798%3At%3AEmployee%20Handbook%20Template%20Word%20Collection&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://lesboucans.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 17:03:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 17:03:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C7C 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lesboucans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 14:36:49 GMT
expires: Thu, 23 Jan 2025 14:36:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D78 829 B
988 B 19ms
18ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb9c40d79c174ae9d7dd1a4224dc357af5372b3678c00f6bbbd5b7b7bf93c173

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9qpwBaFQPX5Xg7hX9ekfLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lesboucans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9qpwBaFQPX5Xg7hX9ekfLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:18 GMT
expires: Wed, 24 Jan 2024 17:03:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C7C 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 15:04:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D78 0
0 155ms
154ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=987560357558181&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5C7C 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1wP8yQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 160ms
159ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=987560357558181&bg=!Y2ClYC_NAAa8BdJLnAU7ADQBe5WfOFwtvxrKVVOKmC9Wf9uKV5XNF1ua4AQbTNUYHiSfLzvT2d3VkHKL8Bj3aY4bX9wRAgAAAElSAAAACWgBB5kCvigEucZ67RScOHmOJ_Q_cVShz-EsrstlzNqd5UHygLdCAqRueBBzx-1GCYFjnznjn45WlhGUVbaJKWoUh4G_J_7YN2DuowPmvq1RLL9IQ5-Eq5w-PHqM69Y5TzG-eAsIqcSobT2G2arfZZsm0hXqhuMgRNMLx7zKsEGnt3m-12D4OLgjGItWNU3tkOV8KrPgBTRkKeusUOnclcfxqCuLi5r_9T9WhGeXUoq8XjB-K_KTi7EULSSbHtHcRumCLyUbZYbZBFvErd2jayAk0SF7YsZ6kjca4Fz01nYklA9NYeo6X6tc0lhjJ665osftNDsgTV-pC9SV6Ce12kMgySMl435VWNOcGxYg56tZ0hqwyS-7VOM1swrwAv8woaEFfjbyb1O9D4VJK7qT5Y6xbSe_BDizEOV1XwSUkLk5yGNBc66SkXaonyaIvvuXmaDKwX7X3xwN7q2cEGk7006wAG3eqlAALnIB68-jBcbXgul0UBdAp1QuBEv3lc1U4QtBNe2vB8ru5BcJpJjNhc1Q5fKoQAj79TWDkYgODHW89fr-I1b0mEz3X2APz0h15HbLTyo2krn5yCIRGiGhnDx9iDHVl75PjIc0TTl3yVzCJaJ0q-JlLle2L-fQTs_bAyKhUgxRcARy-aoJhZmFUpGlOfQxZ-qiTOPgG9fYmCsw7UsiyTTaVbi03n5iVUoHMFwhVvshRyOsUcxQJc2U4a-7H0TvY64ocAScQA9RmGxMW2ypwygYrUtqA_nNxIxpiodHDQ81aYHKZauPLfMfMKKtpWbkWcUStcccOvoDDequMGOUAyHWhd-iw-OqKg4EpwCwtv0JNonBXZmLevrQI_44gR0Nc-uDCk0TE1kHmJ9qoWvLE7J8wod5Oy1TDcbYrSKA_I1-fntmW6hdKdd0gtZwhIJ6ZUq7mAdMLGnWJa1hNJEHOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lesboucans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lesboucans.com/	1970-01-21 03:16:51	Name: __gads Value: ID=d496f9f0989340ff:T=1706115796:RT=1706115796:S=ALNI_MbuoJHK8VkzBGChHxonh60n51_kZg
.lesboucans.com/	1970-01-21 03:16:51	Name: __gpi Value: UID=00000d483f4ec2ea:T=1706115796:RT=1706115796:S=ALNI_MaYeR5q8dZLDXzFR3-mVvt6u_X7Jg
.lesboucans.com/	1970-01-21 03:16:51	Name: __gsas Value: ID=06d82223c94423ea:T=1706115797:RT=1706115797:S=ALNI_MbQ5jUBMBpwgG66qTUuXQ61G7LStg
.lesboucans.com/	1970-01-21 02:40:51	Name: FCNEC Value: %5B%5B%22AKsRol8NVDzxc_wJR4BJywhpcmPofg68-sHTIPvCqak2nEJ0EDIUuXXzGR3xIoThGF-hGMrGYpfF6JuvPAWiqxwQpKYbycsn8y19_8jDFxWv4pgCS5BPoPhy7ElZiNqVAcsklP9CKLoKwQWuMGGiQkUfiEP2ea6QCA%3D%3D%22%5D%5D
.yandex.ru/	1970-01-21 03:31:15	Name: i Value: GACCbgjGCliJteaZgY+/Fv6xzRDJOGIEpmLICYqZIlg/kJ0eB4b5ArrfwSc/AgpNGJKR0UuTTOg+PAmeG86XBgie45k=
.yandex.ru/	1970-01-21 03:31:15	Name: yandexuid Value: 8864018811706115797
.doubleclick.net/	1970-01-21 03:31:15	Name: IDE Value: AHWqTUnq0xK4jyR7z52BaN6GZaBwuXWWLJfax9CmNNHR9eik4iGqvjSJSBQ0D4XBJk4
.lesboucans.com/	1970-01-21 02:40:51	Name: _ym_uid Value: 1706115798250364079
.lesboucans.com/	1970-01-21 02:40:51	Name: _ym_d Value: 1706115798
.mc.yandex.com/	1970-01-20 17:55:16	Name: sync_cookie_csrf Value: 2109406778fake
.lesboucans.com/	1970-01-20 17:56:27	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:55:16	Name: sync_cookie_csrf Value: 3968352805fake
.yandex.com/	1970-01-21 02:40:51	Name: yandexuid Value: 8864018811706115797
.yandex.com/	1970-01-21 02:40:51	Name: yuidss Value: 8864018811706115797
.yandex.com/	1970-01-21 03:31:15	Name: i Value: GACCbgjGCliJteaZgY+/Fv6xzRDJOGIEpmLICYqZIlg/kJ0eB4b5ArrfwSc/AgpNGJKR0UuTTOg+PAmeG86XBgie45k=
.yandex.com/	1970-01-21 03:31:15	Name: yp Value: 1706202198.yu.9571472551706115798
.mc.yandex.com/	1970-01-20 17:56:42	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1571168131706115798
.yandex.com/	1970-01-21 02:40:51	Name: ymex Value: 1708707798.oyu.9571472551706115798#1737651798.yrts.1706115798
.yandex.com/	1970-01-21 02:40:51	Name: bh Value: KgI/MA==

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://lesboucans.com/employee-handbook-template-word-collection/ Message: Mixed Content: The page at 'https://lesboucans.com/employee-handbook-template-word-collection/' was loaded over HTTPS, but requested an insecure element 'http://jarbasagnelli.com/wp-content/uploads/2020/06/employee-and-company-handbook-templates-smartsheet-regarding-sales-manual-template-728x394.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://lesboucans.com/employee-handbook-template-word-collection/ Message: Mixed Content: The page at 'https://lesboucans.com/employee-handbook-template-word-collection/' was loaded over HTTPS, but requested an insecure element 'http://klariti.com/wp-content/uploads/2011/07/employee-manual-1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://cdn.free-power-point-templates.com/articles/wp-content/uploads/2013/06/employee-handbook-template.png Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://lesboucans.com/employee-handbook-template-word-collection/(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://twinelandlord.com/9a180e523d269be9be4af1f8a0e6be3f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lesboucans.com/employee-handbook-template-word-collection/(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://twinelandlord.com/9a180e523d269be9be4af1f8a0e6be3f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.google.com/adsense/search/async-ads.js(Line 196) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://twinelandlord.com/9a180e523d269be9be4af1f8a0e6be3f/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://lesboucans.com/employee-handbook-template-word-collection/(Line 43) Message: Mixed Content: The page at 'https://lesboucans.com/employee-handbook-template-word-collection/' was loaded over HTTPS, but requested an insecure element 'http://jarbasagnelli.com/wp-content/uploads/2020/06/employee-and-company-handbook-templates-smartsheet-regarding-sales-manual-template-728x394.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://lesboucans.com/employee-handbook-template-word-collection/(Line 43) Message: Mixed Content: The page at 'https://lesboucans.com/employee-handbook-template-word-collection/' was loaded over HTTPS, but requested an insecure element 'http://klariti.com/wp-content/uploads/2011/07/employee-manual-1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://lh3.googleusercontent.com/proxy/xkfbwSmM7Jgc_rjE8T59amXb_cOdlBP7iHRQXcSR_iHSmdhghQFVCCNji_Xhkxet3KgiQVII-cTZzg1P8To5fZm8H4bn0tX_9lWpE_L5kx2_r7VeTn3H37oVqERet14Wur2hJFA5X531Aixhuoc6ODbMQbgIv5nlXcVupODGX6OJOwLMdpbUHcqGWNcBkcZvdga4sZVQ4RbiNbwKBbfCocTRwevQ03zjvQU6 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.free-power-point-templates.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.template.net
img.lovepik.com
jarbasagnelli.com
klariti.com
lesboucans.com
lh3.googleusercontent.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
templatelab.com
templates.business-in-a-box.com
tpc.googlesyndication.com
twinelandlord.com
www.adsensecustomsearchads.com
www.bizmanualz.com
www.google.com
104.18.19.157
192.155.110.18
192.243.59.20
2600:9000:25e8:c400:1f:b43c:f340:93a1
2606:4700:20::681a:306
2606:4700:20::681a:d24
2606:4700::6812:a66
2a00:1450:4001:800::2001
2a00:1450:4001:802::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200a
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a02:6b8::1:119
2a0b:4d07:102::1
76.223.67.189
92.205.6.179
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
22c8a95be08fa5f3a1e1319fee8749cdcefd166115cdd92feab9bdc674c3d07f
2d12e8e3570f48c2d4eccda9ef018f3488718c45481f8879b20f90bcc08bc7ef
3539fe0586a52479f7b60b2d938aa2a6d7580f8ee55d5e5fd05e4b0cb5d9974f
388b9c1a78accd63d3c23eb6b9ab98b51165a8a9ef4b09efb14f5b4a71e7f2fe
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
40ada7b1de30230483866516ed65de4d9f78b84d03201e4dc80a44f7f8e04f1f
41636f670baaf6e960589364510199e9a19993f58f88c62cb79fa000b473677c
420789f7b5e69a392f781aca7c8ee00db2b590878978ccd4b3c24b71c266eb4e
45d45a1b05593a030896a01427f87cf85208ef3ad24341464351e03b34620a3e
51e261391b2eb43f60bad54dc9f0816ea3ffacdd20713777e0555ebb0387c5bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b5ebb7b001ee9db0ec562fb9e0324e04c0bb75c2c0456131906cff29ce96cfc
5d93006a28eb1cd9c4e1385b0bb7adb5dbe2d0eed58a17e630e6b12bf6d5cf5c
5f891cad0fa5c3b75f43af485ff0c8ae47aba0a0e575ea235c3ba21fdec6a4da
61af24b5c9f2ee879adfadbe3789e9f1866717e1389949d9dec17b26bc18dd71
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
80aa3e86a7473250f00293a8229f87826e1451ab6238469987ebe869437898eb
815a181cda83682e61e86fb78311f4b58c8e3387cc4773d7f6cf4ac354f4882b
8b803355f4b14b0859865c735601a78362ebf6be2f0a073f3625cfe4667f83c3
8da66f99df70ebf9a875f65a4c5fbea079ee3500aab3c25e62d390a52b69ca06
90ad5936c397bb63f7a26dd7215c97d472f818914ab5d860f6e4d2b00949f719
a2eb158b0dd12cac6aa6365ae7df1a7ead2339ec04c64a20b9fafa8bdd5c6ae0
ab4c06d8269debcc7f296c0df3d7409b83fa2e8c1130c5d2f673cbf7b77846c3
b14ce897583c4d726d504fd6212fea94217d039d7fc9a1765c2f33c9cb7e808e
bb9c40d79c174ae9d7dd1a4224dc357af5372b3678c00f6bbbd5b7b7bf93c173
c2806f2589335e24295444a155665206b96f8c076a070e167b9b9c0a0215c53c
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
cd8f443006061dd7b5eccb7208fa5c644bc37f2d21e284602e7b7d155d5b4f19
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d
d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4
d37b8fba94f6c1f2728bb536f6026dbc3a3428b9d5e900f570931596e75a1802
d66d1e381e54cb6709ea681a97f2522554a6c29af4130012247fd400d865c02e
dad23afe71ea46591545e2839b64df3930d02ffc33a30570316280c691f70a93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c906c531a937a424830f506face049d80555048e90aaf1c3d3fcf495d2a3e7
eaf85842b551e251c339b988bbb71d52f64455783459a615c29b3108a1eed21d
eb37641ff27c72d1d32d559ff02987d2da7007c6d98b9ecc3a8cb870bcd13143
ed745946c4389cb3e6d427f24370497554812e70864e32ea668814ba5495d88d
efa6e8617d8e6a4d96859fba6905d3cc70a3f7d624e3b2cf285933d7ff8e6b39

lesboucans.com Open in urlscan Pro 192.155.110.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

76 %IPv6

20 Domains

23 Subdomains

21 IPs

6 Countries

1678 kBTransfer

2738 kBSize

20 Cookies

0 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lesboucans.com Open in urlscan Pro
192.155.110.18 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

76 %
IPv6

20
Domains

23
Subdomains

21
IPs

6
Countries

1678 kB
Transfer

2738 kB
Size

20
Cookies

60 HTTP transactions
0 data transactions