clients.clientarea.action.wpl-csa.info Open in urlscan Pro
198.54.121.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arrainentzakohimnoak.org/reste
Effective URL:
https://clients.clientarea.action.wpl-csa.info/
Submission: On February 26 via manual (February 26th 2019, 5:21:29 pm UTC) from ES

Summary HTTP 165 Redirects Links 121 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 45 domains to perform 165 HTTP transactions. The main IP is 198.54.121.233, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is clients.clientarea.action.wpl-csa.info.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 6th 2019. Valid for: a year.

This is the only time clients.clientarea.action.wpl-csa.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2001:8d8:100f... 2001:8d8:100f:f000::2ab	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1	198.54.121.233 198.54.121.233	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
40	195.200.110.137 195.200.110.137	8304 (ECRITEL-F...) (ECRITEL-FRANCE ISP and web hosting.)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2600:9000:204... 2600:9000:2043:6c00:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2.19.46.9 2.19.46.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:204... 2600:9000:2043:9600:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	5.135.32.18 5.135.32.18	16276 (OVH) (OVH)
2	2.16.186.59 2.16.186.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.239.242.148 52.239.242.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	52.210.165.34 52.210.165.34	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2a00:cd0:1005... 2a00:cd0:1005:2:80:82:201:80	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
1	5.196.81.114 5.196.81.114	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.48.37.92 52.48.37.92	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	35.190.40.172 35.190.40.172	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	52.16.68.29 52.16.68.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 3	54.171.6.140 54.171.6.140	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	80.82.201.86 80.82.201.86	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
2 2	185.33.223.220 185.33.223.220	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	80.82.201.94 80.82.201.94	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
1	18.197.71.228 18.197.71.228	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.205.21.136 52.205.21.136	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3 24	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
1 4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.252.154.128 34.252.154.128	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	99.86.1.198 99.86.1.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.43.115.95 23.43.115.95	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.48.212.112 52.48.212.112	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.250.2.89 178.250.2.89	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	213.19.162.21 213.19.162.21	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	54.246.183.183 54.246.183.183	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 7	185.33.223.202 185.33.223.202	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
10	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY - Fastly)
1 1	35.201.85.158 35.201.85.158	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	18.195.230.94 18.195.230.94	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	54.194.234.200 54.194.234.200	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	52.17.231.199 52.17.231.199	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	54.71.95.4 54.71.95.4	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	192.132.33.27 192.132.33.27	18568 (BIDTELLECT) (BIDTELLECT - Bidtellect Inc.)
13	2606:4700::68... 2606:4700::6810:5424	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	18.194.187.242 18.194.187.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
165	46

2 2001:8d8:100f:f000::2ab (Germany) 1 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)

arrainentzakohimnoak.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.54.121.233 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: premium68-3.web-hosting.com

clients.clientarea.action.wpl-csa.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 195.200.110.137 (France)

ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR)

cache.magicmaman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2043:6c00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.46.9 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-46-9.deploy.static.akamaitechnologies.com

tagmanager.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2043:9600:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.32.18 (France)

ASN16276 (OVH, FR)
PTR: ip18.ip-5-135-32.eu

a.adsixmedia.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.59 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-59.deploy.static.akamaitechnologies.com

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.242.148 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

targetemsecure.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.165.34 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-165-34.eu-west-1.compute.amazonaws.com

tag.audience.acpm.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collecte.audience.acpm.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:cd0:1005:2:80:82:201:80 (Germany)

ASN48173 (UNBELIEVABLE-AS, DE)

bei.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lpm-gmc.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.81.114 (France)

ASN16276 (OVH, FR)
PTR: ovh-lb4.dginfra.net

www.ultimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.37.92 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-37-92.eu-west-1.compute.amazonaws.com

auth.audience.acpm.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.59.101 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.40.172 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 172.40.190.35.bc.googleusercontent.com

api.skimlinks.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.68.29 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.6.140 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

x.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.233 (European Union) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.201.86 (Berlin, Germany)

ASN48173 (UNBELIEVABLE-AS, DE)
PTR: pbtngs-nuggad.unbelievable-machine.net

fw-sync.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.220 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.201.94 (Berlin, Germany)

ASN48173 (UNBELIEVABLE-AS, DE)

appn-sync.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.71.228 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-71-228.eu-central-1.compute.amazonaws.com

abs.proxistore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.21.136 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-205-21-136.compute-1.amazonaws.com

api.pxlad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.2.2 (San Francisco, United States) 3 redirects

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Switzerland) 2 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.154.128 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-252-154-128.eu-west-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.1.198 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-86-1-198.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.43.115.95 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.212.112 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-212-112.eu-west-1.compute.amazonaws.com

ad.piximedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.89 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.19.162.21 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.183.183 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-183-183.eu-west-1.compute.amazonaws.com

www.audiencemanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.223.202 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.49 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
convammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.85.158 (Ann Arbor, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

server.exposebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.230.94 (Cambridge, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.234.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.231.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-231-199.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.95.4 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.27 (United States)

ASN18568 (BIDTELLECT - Bidtellect Inc., US)
PTR: 27.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:5424 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.187.242 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	taboola.com 3 redirects cdn.taboola.com trc.taboola.com 15.taboola.com match.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com convammp.taboola.com wf.taboola.com	613 KB
40	magicmaman.com cache.magicmaman.com eshop.magicmaman.com Failed	435 KB
13	skimresources.com 4 redirects s.skimresources.com r.skimresources.com p.skimresources.com x.skimresources.com t.skimresources.com	25 KB
9	adnxs.com 4 redirects secure.adnxs.com ib.adnxs.com	19 KB
8	rubiconproject.com fastlane.rubiconproject.com	13 KB
4	google-analytics.com 1 redirects www.google-analytics.com	18 KB
4	facebook.com staticxx.facebook.com www.facebook.com	245 B
4	nuggad.net bei.nuggad.net lpm-gmc.nuggad.net fw-sync.nuggad.net appn-sync.nuggad.net	2 KB
4	facebook.net connect.facebook.net	119 KB
3	scorecardresearch.com sb.scorecardresearch.com	1 KB
3	stickyadstv.com 1 redirects ads.stickyadstv.com	2 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	acpm.fr tag.audience.acpm.fr auth.audience.acpm.fr collecte.audience.acpm.fr	5 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com	22 KB
2	exelator.com 2 redirects loadeu.exelator.com	1 KB
2	pxlad.io api.pxlad.io	3 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	windows.net targetemsecure.blob.core.windows.net	13 KB
2	dmcdn.net api.dmcdn.net	27 KB
2	agkn.com js.agkn.com d.agkn.com	3 KB
2	smartadserver.com tagmanager.smartadserver.com	50 KB
2	privacy-center.org sdk.privacy-center.org	133 KB
2	arrainentzakohimnoak.org 1 redirects arrainentzakohimnoak.org	604 B
1	advertising.com ads.adaptv.advertising.com	980 B
1	bttrack.com bttrack.com	383 B
1	storygize.net 1 redirects www.storygize.net	450 B
1	adsrvr.org 1 redirects match.adsrvr.org	477 B
1	bluekai.com 1 redirects tags.bluekai.com	862 B
1	powerlinks.com 1 redirects px.powerlinks.com	611 B
1	exposebox.com 1 redirects server.exposebox.com	289 B
1	audiencemanager.de www.audiencemanager.de	960 B
1	criteo.com bidder.criteo.com	236 B
1	piximedia.com ad.piximedia.com	804 B
1	proxistore.com abs.proxistore.com	3 KB
1	consensu.org api.skimlinks.mgr.consensu.org	652 B
1	google.de www.google.de	109 B
1	google.com www.google.com	109 B
1	ultimedia.com www.ultimedia.com
1	adsixmedia.fr a.adsixmedia.fr	311 B
1	googleadservices.com www.googleadservices.com	9 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	sascdn.com ced.sascdn.com	10 KB
1	wpl-csa.info clients.clientarea.action.wpl-csa.info	21 KB
0	4finance.com Failed rtb.4finance.com Failed
165	45

	Domain	Requested by
40	cache.magicmaman.com	clients.clientarea.action.wpl-csa.info cache.magicmaman.com connect.facebook.net
13	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com clients.clientarea.action.wpl-csa.info
11	trc.taboola.com	3 redirects cdn.taboola.com clients.clientarea.action.wpl-csa.info
9	images.taboola.com	clients.clientarea.action.wpl-csa.info
8	fastlane.rubiconproject.com	tagmanager.smartadserver.com
7	ib.adnxs.com	2 redirects tagmanager.smartadserver.com
4	convammp.taboola.com	clients.clientarea.action.wpl-csa.info
4	www.google-analytics.com	1 redirects www.googletagmanager.com clients.clientarea.action.wpl-csa.info
4	cdn.taboola.com	clients.clientarea.action.wpl-csa.info cdn.taboola.com
4	p.skimresources.com	clients.clientarea.action.wpl-csa.info
4	connect.facebook.net	clients.clientarea.action.wpl-csa.info connect.facebook.net arrainentzakohimnoak.org
3	match.taboola.com	clients.clientarea.action.wpl-csa.info
3	sb.scorecardresearch.com	cdn.taboola.com clients.clientarea.action.wpl-csa.info
3	ads.stickyadstv.com	1 redirects clients.clientarea.action.wpl-csa.info
3	x.skimresources.com	3 redirects
3	www.facebook.com	clients.clientarea.action.wpl-csa.info connect.facebook.net
3	r.skimresources.com	1 redirects clients.clientarea.action.wpl-csa.info s.skimresources.com
2	rtb.mfadsrvr.com	2 redirects
2	c.amazon-adsystem.com	tagmanager.smartadserver.com c.amazon-adsystem.com
2	loadeu.exelator.com	2 redirects
2	t.skimresources.com	s.skimresources.com
2	api.pxlad.io	api.dmcdn.net
2	secure.adnxs.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	targetemsecure.blob.core.windows.net	arrainentzakohimnoak.org cache.magicmaman.com
2	api.dmcdn.net	arrainentzakohimnoak.org api.dmcdn.net
2	tagmanager.smartadserver.com	clients.clientarea.action.wpl-csa.info tagmanager.smartadserver.com
2	sdk.privacy-center.org	clients.clientarea.action.wpl-csa.info sdk.privacy-center.org
2	arrainentzakohimnoak.org	1 redirects
1	ads.adaptv.advertising.com	vidstat.taboola.com
1	wf.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	arrainentzakohimnoak.org
1	bttrack.com	clients.clientarea.action.wpl-csa.info
1	www.storygize.net	1 redirects
1	match.adsrvr.org	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	tags.bluekai.com	1 redirects
1	px.powerlinks.com	1 redirects
1	server.exposebox.com	1 redirects
1	15.taboola.com	cdn.taboola.com
1	www.audiencemanager.de	tagmanager.smartadserver.com
1	bidder.criteo.com	tagmanager.smartadserver.com
1	ad.piximedia.com	tagmanager.smartadserver.com
1	stats.g.doubleclick.net	clients.clientarea.action.wpl-csa.info
1	d.agkn.com	js.agkn.com
1	abs.proxistore.com	clients.clientarea.action.wpl-csa.info
1	appn-sync.nuggad.net	clients.clientarea.action.wpl-csa.info
1	fw-sync.nuggad.net	clients.clientarea.action.wpl-csa.info
1	api.skimlinks.mgr.consensu.org	s.skimresources.com
1	collecte.audience.acpm.fr	clients.clientarea.action.wpl-csa.info
1	lpm-gmc.nuggad.net	clients.clientarea.action.wpl-csa.info
1	www.google.de	clients.clientarea.action.wpl-csa.info
1	www.google.com	clients.clientarea.action.wpl-csa.info
1	auth.audience.acpm.fr	tag.audience.acpm.fr
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.ultimedia.com	cache.magicmaman.com
1	staticxx.facebook.com	connect.facebook.net
1	bei.nuggad.net	clients.clientarea.action.wpl-csa.info
1	s.skimresources.com	www.googletagmanager.com
1	tag.audience.acpm.fr	arrainentzakohimnoak.org
1	a.adsixmedia.fr	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	clients.clientarea.action.wpl-csa.info
1	js.agkn.com	clients.clientarea.action.wpl-csa.info
1	ced.sascdn.com	clients.clientarea.action.wpl-csa.info
1	clients.clientarea.action.wpl-csa.info
0	rtb.4finance.com Failed	clients.clientarea.action.wpl-csa.info
0	eshop.magicmaman.com Failed	clients.clientarea.action.wpl-csa.info
165	68

This site contains links to these domains. Also see Links.

Domain
www.magicmaman.com
mamadvisor.magicmaman.com
www.sotrendoo.com
forum.magicmaman.com
www.facebook.com
twitter.com
fr.pinterest.com
www.instagram.com
annonces.magicmaman.com
fr.puressentiel.com
popup.taboola.com
cosmowomens.com
www.empfohlen.de
trkvoladx.online
www.petitfute.com
www.desired.de
www.gofeminin.de

Subject Issuer	Validity	Valid
clients.clientarea.action.wpl-csa.info Sectigo RSA Domain Validation Secure Server CA	`2019-02-06` - `2020-02-06`	a year	crt.sh
*.magicmaman.com GlobalSign Domain Validation CA - SHA256 - G2	`2017-11-06` - `2020-11-06`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-01-21` - `2019-04-21`	3 months	crt.sh
*.privacy-center.org Amazon	`2018-06-06` - `2019-07-06`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-12`	3 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2018-05-09` - `2019-05-09`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
a.adsixmedia.fr Let's Encrypt Authority X3	`2019-01-09` - `2019-04-09`	3 months	crt.sh
api.dmcdn.net Let's Encrypt Authority X3	`2019-02-26` - `2019-05-27`	3 months	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 2	`2017-11-09` - `2019-11-09`	2 years	crt.sh
*.audience.acpm.fr Amazon	`2018-11-24` - `2019-12-24`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2018-09-13` - `2020-10-07`	2 years	crt.sh
*.nuggad.net Gandi Standard SSL CA 2	`2018-01-12` - `2020-01-16`	2 years	crt.sh
*.ultimedia.com COMODO RSA Domain Validation Secure Server CA	`2018-03-14` - `2020-03-13`	2 years	crt.sh
www.google.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
api.skimlinks.mgr.consensu.org DigiCert SHA2 Secure Server CA	`2018-08-15` - `2019-10-23`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2018-06-21` - `2019-09-20`	a year	crt.sh
*.proxistore.com COMODO RSA Domain Validation Secure Server CA	`2018-11-06` - `2020-01-04`	a year	crt.sh
*.pxlad.io Amazon	`2018-07-27` - `2019-08-27`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-02-20` - `2019-09-07`	7 months	crt.sh
c.amazon-adsystem.com Amazon	`2018-12-18` - `2019-11-21`	a year	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.piximedia.com Gandi Standard SSL CA 2	`2018-10-24` - `2020-02-03`	a year	crt.sh
*.criteo.com DigiCert SHA2 Secure Server CA	`2018-11-05` - `2020-01-03`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.audiencemanager.de Go Daddy Secure Certificate Authority - G2	`2017-08-16` - `2019-10-10`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-01-18` - `2019-11-19`	10 months	crt.sh
*.bttrack.com COMODO RSA Domain Validation Secure Server CA	`2016-03-24` - `2019-04-14`	3 years	crt.sh
vidstat.taboola.com Go Daddy Secure Certificate Authority - G2	`2019-02-14` - `2021-02-14`	2 years	crt.sh
*.adaptv.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-09-20` - `2020-09-18`	3 years	crt.sh

This page contains 9 frames:

Primary Page: https://clients.clientarea.action.wpl-csa.info/
Frame ID: 491C50E6CAE0ADAAB6B0DB6D6BC4C8CD
Requests: 149 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/MmH55ZI0Z2G.js?version=44
Frame ID: 747D103476AD2CF44E1F5D55DFFCFEB6
Requests: 1 HTTP requests in this frame

Frame: https://www.ultimedia.com/deliver/generic/iframe/mdtk/01913797/zone/1/src/mml03r/showtitle/0/
Frame ID: EABCA8D6B0CEED536B4EBC60EBD288E0
Requests: 1 HTTP requests in this frame

Frame: https://p.skimresources.com/?provider_id=761fb60e8eccded9344de11038a19034&skim_mapping=true
Frame ID: C61B2AD6653B96C1B5A44DF0FFF5BD4B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=296955010358382&domain=clients.clientarea.action.wpl-csa.info&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FMmH55ZI0Z2G.js%3Fversion%3D44%23cb%3Df3501ee8b8142e%26domain%3Dclients.clientarea.action.wpl-csa.info%26origin%3Dhttps%253A%252F%252Fclients.clientarea.action.wpl-csa.info%252Ff27b1bad45731bc%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
Frame ID: 2F6BB1CA95E2021E114B5391AEC24948
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=378052475&gdpr=&gdpr_consent=&url=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&bpid=groupemarieclaire&c=%7B%22bpid%22%3A%22groupemarieclaire%22%2C%22loc%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%221%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%223046%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 5855DE6F3D053AB2B4DD8B64A918B4E8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8786E2B6AE6878CD4744FFA59B4D9581
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_e8dj140
Frame ID: 48E371D6FC40C309218E34F5DD4CD68A
Requests: 10 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=66297675&ttype=0&cirid=25CFBBA8248463258213438173&cicmp=2022605&cijs=1&dast=V7R3gCFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHG7La0CgUBnEyGo5mm8lqt5gNNpvNbrAYTQFDWGa_76CgnJ4es8sgKrreFrvDafa8YQhNp8Pnutfrfr-72uFzetwOt8Nu1_jdfrHo8nCaXm6X3fTWGF2nl1vkcmuMLtvLdTxLRqPJbjOYKzyHOwAAAAA8AECBrkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAc8GZoAEBxKJDTbHbZLa7Lzx8AAA8BIAAAAwokAAUDGyUAGZABJwAAAAAAAAAALP____8xA_OfSzIAHtzNNwY9AA8-AA9CAAAAWUPJh5nQmDL00UQFlkWMAAAAAHK5jZSPJnVCZVEFAECQbgVwBQAQkKYyfXSZpTso8RYGAAAQIDZDGO3uVrUtPrZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGElOpL0oIIMLvVfgEBANZ-AQEA2NQNAOBNAC7kTNB0Olz3eoXl8nDaXXbT9eH1G51uu9_htestP7_k5Tm9_KIjaMVgsDqCGAyWswMAAAC4-____8ebIYx2d6vaFtcDsc1mMVzMHKPVaObxWCyGwciyWZmco5lvYdjMLNsrsYbg8F4KSe_DEJbZ7zsoKKenx-wyiIqut8XucJo995uwxWg1mWyWw9lyMRkMR8PRaH8CthvgBA2Hg8VusNgtFsPJYjIaLAcLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCIMmXwj08I0WitGlsVatHHY1grXcrZWTTwb58qx3I1ME7fo9TF9ZiubxbHZomAAzV4EF-lE7bA8XR6zw2l52SwPu8flVjt8To_b4XbYLWKJ5mSRTmSXfW2zWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8u-ZPKNTAvTaK0YWRZr0cZhWytcy9laNfFsnCvHcjcyTdyi18f0ma1sFsdm31itFpPBYjbc7Bur1WIyWMyGm32HyjAOho5G8blq7shcOvXk8JQ5DQqXweL9SUyLaXd2EJ18R6fMIa0YG6pvQmE2eAwGRSwRnC7SiehlPF3EEsnTIp1oLIblcmIxOSeukcvm8s0szonJNdqYfKORxTnbTcQSpekinejFosvDaXq5XXbTW2N0nV5ukcutMbpsL9fxLBmNJrvNYK7wHC7qPzrEcDWXTAZz3WAuGUxWCQAAAAAAAABgCXPmTQAAAIBcgAe1412WCOyn3ZOIFA!&excid=22&tst=1&docw=0
Frame ID: 159F43A4BC677D47F61B5054235469C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://arrainentzakohimnoak.org/reste HTTP 301
http://arrainentzakohimnoak.org/reste/ Page URL
https://clients.clientarea.action.wpl-csa.info/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i
env /pbjs/i
env /PREBID_TIMEOUT/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Smart Ad Server (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^SmartAdServer$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

165
Requests

97 %
HTTPS

24 %
IPv6

45
Domains

68
Subdomains

46
IPs

8
Countries

1581 kB
Transfer

4652 kB
Size

0
Cookies

121 Outgoing links

These are links going to different origins than the main page.

URL: https://www.magicmaman.com/
Title: Magicmaman.com

Search URL Search Domain Scan URL

URL: https://mamadvisor.magicmaman.com/
Title: MAM'ADVISOR

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/video
Title: TV

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/vouloir-un-bebe,405.asp2
Title: Conception

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/grossesse-accouchement-naissance,34.asp2
Title: Grossesse

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/prenom/
Title: Prénoms

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/bebe-nourrisson-eveil-parents,38.asp2
Title: Bébé

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/enfant-ecole-maternellle-jeux-croissance,39.asp2
Title: Enfant & ado

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/ecole,2006818.asp2
Title: École

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/femme,3046.asp2
Title: Femme

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/sexualite,3048.asp1
Title: Sexualité et amour

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,toutes-les-methodes-de-contraception,948.htm
Title: Toutes les méthodes de contraception

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,sexualite-et-grossesse,3080.htm
Title: Sexualité et grossesse

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,vie-amoureuse,942.htm
Title: Sexo

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,problemes-et-psychologie-de-couple,3216.htm
Title: Problèmes et psychologie de couple

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,vie-amoureuse,2007288.htm
Title: Vie amoureuse

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/beaute,3047.asp1
Title: Beauté femme

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,le-point-sur-le-tatouage,645,2353113.asp
Title: Tatouage et Piercing

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,sport,2007303.htm
Title: Sport

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,maquillage,636.htm
Title: Maquillage et parfums

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,thalasso-et-spa,638.htm
Title: Thalasso et Spa

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,soin-de-la-peau,645.htm
Title: Soin de la peau

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,cheveux,647.htm
Title: Cheveux

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,epilation,3122.htm
Title: Epilation

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,beaute-star,2007261.htm
Title: Beauté star

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/nutrition-et-minceur,3038.asp1
Title: Nutrition et minceur

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,equilibre-alimentaire-et-conseils-nutritionnels,3062.htm
Title: Equilibre alimentaire et conseils nutritionnels

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,vitamines-mineraux-oligoelements,3064.htm
Title: Vitamines, minéraux, oligoéléments

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,regimes,3065.htm
Title: Régimes

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,perdre-du-poids-apres-bebe,941.htm
Title: Mincir après l’accouchement

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/vie-professionnelle,3055.asp1
Title: Vie professionnelle

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,tout-sur-le-conge-maternite,149,1713201.asp
Title: Congé maternité

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,retravailler-apres-la-naissance-de-bebe,146.htm
Title: Reprendre le travail après bébé

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,carriere-vie-famille,3282.htm
Title: Carrière et vie de famille

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,la-vie-a-l-etranger,1833.htm
Title: Expatriation, vie à l’étranger

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/mariage,2005723.asp1
Title: Mariage

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,toute-la-deco-du-mariage,2005726.htm
Title: Toute la déco du mariage

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,finances-contrat-droits-guide-pratique-du-mariage,2005727.htm
Title: Finances, contrat, droits : guide pratique du mariage

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,photo-traiteur-ceremonie-l-organisation-du-mariage-par-etapes,2005728.htm
Title: Photo, traiteur, cérémonie : l'organisation du mariage par étapes

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,se-marier-enceinte,2005731.htm
Title: Se marier enceinte

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,anniversaire-de-mariage,2005733.htm
Title: Anniversaire de mariage

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,coiffure-accessoires-mariage,3361.htm
Title: Coiffures et maquillage de mariage

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/toute-la-mode-pour-les-femmes,2007478.htm
Title: Mode femme

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/psychologie,3049.asp1
Title: Psychologie

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,psychologie-et-grossesse,3074.htm
Title: Psychologie et grossesse

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,autres-troubles-psychologiques,2007196.htm
Title: Troubles psychologiques

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,relations-familiales,3281.htm
Title: Relations Familiales

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/recettes,2006457.asp2
Title: Cuisine

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/loisirs-creatifs-bricolage-amenagement,2006681.asp2
Title: Déco / loisirs créatifs

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,fete-des-meres,147,2272942.asp
Title: Fête des mères

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/sante-adulte,3037.asp2
Title: Santé femme

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,saint-valentin,942,2006946.asp
Title: Saint Valentin

Search URL Search Domain Scan URL

URL: https://www.sotrendoo.com/myfamilibox-hiver-8728.html?utm_source=Article&utm_medium=MM&utm_campaign=FAMILLE
Title: Famili Box

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/videos-femme,3433.asp1
Title: Vidéos femme

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,videos-bien-decorer-et-amenager-sa-maison,3459.htm
Title: Vidéos bien décorer et aménager sa maison

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,videos-conseils-minceur-pour-garder-la-ligne,3461.htm
Title: Vidéos conseils minceur pour garder la ligne

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,videos-bien-etre-relaxation-et-developpement-personnel,3502.htm
Title: Vidéos bien-être, relaxation et développement personnel

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,video-heureux-dans-son-couple,3462.htm
Title: Vidéos être heureux dans son couple

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,videos-maquillage,2007206.htm
Title: Vidéos maquillage

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,videos-soins,2007207.htm
Title: Vidéos soins

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,videos-coiffure,2007208.htm
Title: Vidéos coiffure

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,nos-chroniqueurs,2007273.htm
Title: Nos chroniqueurs

Search URL Search Domain Scan URL

URL: http://forum.magicmaman.com/femme/beaute-maquillage-piercing-mode/liste_sujet-1.htm
Title: Forum beauté

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/guide-des-maternites,2007426.asp2
Title: Guide des maternités

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/actualites,2218.asp2
Title: Actu

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/astro/
Title: Astro

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,la-maison-des-maternelles,2007349.htm
Title: La maison des maternelles

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,boutique,2007328.htm
Title: Boutique

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/vie-pratique,2005769.asp2
Title: Vie pratique

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/services/
Title: Nos services

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,jeux-concours,3323.htm
Title: Jeux concours

Search URL Search Domain Scan URL

URL: http://forum.magicmaman.com/
Title: Forum

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/newsletter
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/nosmagazines
Title: à partir de 14€/an je m'abonne

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/magazine/read
Title: Gratuit je lis en ligne

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Magicmaman

Search URL Search Domain Scan URL

URL: https://twitter.com/magicmaman_com

Search URL Search Domain Scan URL

URL: https://fr.pinterest.com/magicmaman/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/magicmaman_com/

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,mon-calendrier-regles-et-ovulation,388,1228254.asp
Title: Calendrier ovulation

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,le-kamasutra-de-la-grossesse,3370044.asp
Title: Kamasutra grossesse

Search URL Search Domain Scan URL

URL: https://annonces.magicmaman.com/
Title: Petites annonces

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/services/bebe
Title: Suivi bébé

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/services/grossesse
Title: Suivi grossesse

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/photo/2442730/2475776/traitement-chute-de-cheveux-baum#autoSlide
Title: Voir le diaporama 9 photos

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,j-accouche-bientot-et-j-ai-peur,408,3382463.asp
Title: accouchement

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,le-role-des-hormones-pendant-la-grossesse-et-l-accouchement,3374814.asp
Title: baisse des hormones faisant suite à l'accouchement

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,sevrer-son-bebe,557,3354877.asp
Title: arrêt de l'allaitement

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/coloration-avec-ou-sans-ppd-pour-les-cheveux-qu-est-ce-que-ca-change,3612036.asp
Title: Coloration avec ou sans PPD pour les cheveux : qu’est-ce que ça change ?

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,chute-de-cheveux-femme-accouchement,2442721.asp
Title: Comment expliquer la chute de cheveux chez la femme après l'accouchement ?

Search URL Search Domain Scan URL

URL: https://fr.puressentiel.com/
Title: fr.puressentiel.com

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/sextoy-sodomie-sexe-oral-les-francaises-osent-de-plus-en-plus-de-choses-au-lit,3619068.asp
Title: Sextoy, sodomie, sexe oral... Les Françaises osent de plus en plus de choses au lit

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/regime-post-grossesse-de-kylie-jenner-l-avis-d-un-pro,3618783.asp
Title: Régime post-grossesse de Kylie Jenner : l’avis d’un pro !

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/astrologie-quelle-est-votre-personnalite-sexuelle-signe-par-signe,3618122.asp
Title: Astrologie : quelle est votre personnalité sexuelle, signe par signe ?

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,chute-cheveux,2442741.asp
Title: La chute de cheveux chez la jeune maman 4 articles

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,reponse-d-expert-je-suis-tombee-enceinte-en-plein-traitement-anti-chute-de-cheveux-des-consequences-pour-mon-bebe,3422209.asp
Title: Réponse d'expert : " Je suis tombée enceinte en plein traitement anti-chute de cheveux. Des conséquences pour mon bébé ?"

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,les-remedes-de-grand-mere-contre-la-chute-de-cheveux,3296881.asp
Title: Les remèdes de grand-mère contre la chute de cheveux

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/fr/?template=colorbox&utm_source=marieclairefrance-magicmaman&utm_medium=referral&utm_content=thumbnails-e:Below%20Article%20Thumbnails:
Title: par Taboola

Search URL Search Domain Scan URL

URL: http://cosmowomens.com/wonderful-happy-family-husband-illustrates-everyday-life-wife-pictures/?utm_source=taboola&utm_medium=referral&utm_campaign=Wife_J%C3%B3ska_WORLDWIDE-GY&utm_term=marieclairefrance-magicmaman&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F959ae680423863540a545ed3eae50fee.jpg-Husband+Illustrates+Everyday+Life+With+Wife+In+19+Pictures.+Try+Not+To+Cry%21
Title: Cosmo Womens

Search URL Search Domain Scan URL

URL: https://www.empfohlen.de/?cid=7aNqJ7j2bZ&utm_source=taboola&utm_medium=referral
Title: empfohlen.de

Search URL Search Domain Scan URL

URL: http://trkvoladx.online/e8e0aa7f-4ba1-455e-b7e5-9fdc54c82615?campaignid=1726751&site=marieclairefrance-magicmaman&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe5f99a10dfbedfa84a2373e5a75d1799.png&title=Praktisch+unzerst%C3%B6rbare+Drohne+erobert+Deutschland+im+Sturm&item=156339577&timestamp=2019-02-26+17%3A21%3A23&platform=Desktop&taboolaclickid=CjBkZDdkNGE0NC0xZDIxLTRjYTYtYTU5Ni01YjNjOWUxOTdkNGItdHVjdDM2ZWZiMTMSGGFkc3Bhcmt4ZGlnaXRhbC1rb3Rhay1zYw
Title: Dronex Pro

Search URL Search Domain Scan URL

URL: https://www.petitfute.com/r5-alsace/actualite/m17-diaporama/a10635-top-10-des-desserts-de-nos-regions.html?pfpart=Taboola&utm_source=Taboola&utm_medium=cpc&utm_content=Top10&utm_campaign=Taboola_Franco_top20&utm_source=taboola&utm_medium=referral#xtor=AD-404
Title: Petit Futé

Search URL Search Domain Scan URL

URL: https://www.desired.de/liebe/bilderstrecke/das-finden-maenner-an-frauen-richtig-unattraktiv/?utm_source=taboola&utm_medium=reco_widgets&utm_term=marieclairefrance-magicmaman&utm_content=036_Desired_Desktop_finden-Maenner-unattraktiv
Title: Desired

Search URL Search Domain Scan URL

URL: https://www.gofeminin.de/mode-beauty/album1344698/frisuren-feines-haar-ab-50-0.html?utm_source=tabo&utm_medium=cpc&utm_campaign=Tabo-GF-Photos-DE-Desktop-frisuren-feines-haar&utm_content=marieclairefrance-magicmaman
Title: Gofeminin

Search URL Search Domain Scan URL

URL: http://www.magicmaman.com/,9-exercices-pour-remodeler-son-corps-apres-la-grossesse-en-15-minutes-par-jour,3372167.asp

Search URL Search Domain Scan URL

URL: http://www.magicmaman.com/,chute-de-cheveux-femme-accouchement,2442721.asp

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/fr/?template=colorbox&utm_source=marieclairefrance-magicmaman&utm_medium=referral&utm_content=organic-thumbnails-b:Organic%20Below%20Article%20Thumbnails:
Title: par Taboola

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,9-exercices-pour-remodeler-son-corps-apres-la-grossesse-en-15-minutes-par-jour,3372167.asp
Title: 9 exercices pour remodeler son corps après la grossesse en 15 minutes par jour

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,epilation-sans-douleur-5-conseils-de-pro-pour-avoir-moins-mal,3282548.asp
Title: Epilation sans douleur : 5 conseils de pro pour avoir moins mal

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/les-manucures-hommage-a-la-maternite-les-plus-wtf,3616821.asp
Title: Les manucures hommage à la maternité les plus WTF

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,75-coiffures-pour-etre-au-top-pour-la-rentree,2363290.asp
Title: 85 idées de coiffures pour changer de tête à la rentrée

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,coiffures-ete-2013,647,2325262.asp
Title: Coiffures été 2015 : 70 idées pour changer de tête !

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,du-nouveau-pour-les-p-tites-tignasses-frisees-ou-crepues,642,2199059.asp
Title: Du nouveau pour les p’tites tignasses frisées ou crépues ? Miss PhytoSpecific: LA solution miracle pour dédramatiser le coiffage

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,jouer-a-coucou-cache-avec-les-bebes-favorise-leur-developpement,2442726.asp
Title: Jouer à « coucou, caché » avec les bébés favorise leur développement

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,etats-unis-un-enfant-de-9-ans-kidnappe-obtient-sa-liberation-en-chantant-du-gospel,2442734.asp
Title: Etats-Unis : un enfant de 9 ans kidnappé obtient sa libération…en chantant du gospel !

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,traitement-chute-de-cheveux,2442730.asp
Title: Traitement chute de cheveux : ces produits à utiliser post-grossesse

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,faire-des-meches-enceinte-risque-pour-mon-bebe,3394460.asp
Title: Faire des mèches enceinte : risqué pour mon bébé ?

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/quand-reprendre-le-sport-apres-l-accouchement,3498317.asp
Title: Le live du mercredi : comment reprendre le sport après l’accouchement ?

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/plan/3046
Title: Plan du site

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,mentions-legales,2172,1107448.asp
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://www.magicmaman.com/,politique-d-utilisation-des-cookies,2544274.asp
Title: Cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arrainentzakohimnoak.org/reste HTTP 301
http://arrainentzakohimnoak.org/reste/ Page URL
https://clients.clientarea.action.wpl-csa.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://arrainentzakohimnoak.org/reste HTTP 301
http://arrainentzakohimnoak.org/reste/

Request Chain 68

https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&data=%7B%22pubcode%22%3A%22121953X1584899%22%2C%22page%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22domains%22%3A%5B%22magicmaman.com%22%2C%22mamadvisor.magicmaman.com%22%2C%22sotrendoo.com%22%2C%22forum.magicmaman.com%22%2C%22facebook.com%22%2C%22twitter.com%22%2C%22fr.pinterest.com%22%2C%22instagram.com%22%2C%22annonces.magicmaman.com%22%5D%7D HTTP 302
https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D4ND6FZ88KPKQ3CBG4T0V7JK&data=%7B%22pubcode%22%3A%22121953X1584899%22%2C%22page%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22domains%22%3A%5B%22magicmaman.com%22%2C%22mamadvisor.magicmaman.com%22%2C%22sotrendoo.com%22%2C%22forum.magicmaman.com%22%2C%22facebook.com%22%2C%22twitter.com%22%2C%22fr.pinterest.com%22%2C%22instagram.com%22%2C%22annonces.magicmaman.com%22%5D%7D&checksum=e139cc3bf23a4da37f5d66b5be56395a98daad308e24c62bfb89759c4ee6baa3

Request Chain 75

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=761fb60e8eccded9344de11038a19034 HTTP 302
https://p.skimresources.com/?provider_id=761fb60e8eccded9344de11038a19034&skim_mapping=true

Request Chain 78

https://ads.stickyadstv.com/data-registering?dataProviderId=866&redirectId=1394 HTTP 302
https://fw-sync.nuggad.net/syncuid?dpid=6726&uid=ba44b91aca6a1fd2963781c6b22fd1dc

Request Chain 79

https://secure.adnxs.com/getuid?https%3A%2F%2Fappn-sync.nuggad.net%2Fsyncuid%3Fdpid%3D7906%26o%3Dl%26uid%3D%24UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fappn-sync.nuggad.net%252Fsyncuid%253Fdpid%253D7906%2526o%253Dl%2526uid%253D%2524UID HTTP 302
https://appn-sync.nuggad.net/syncuid?dpid=7906&o=l&uid=1224776746655146658

Request Chain 86

https://x.skimresources.com/?provider=exelate HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=7b7e1163a01fc2193776ba5e4171da67 HTTP 302
https://p.skimresources.com/?provider_id=7b7e1163a01fc2193776ba5e4171da67&skim_mapping=true

Request Chain 94

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1866395060&t=event&ni=1&_s=1&dl=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&dr=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&ul=en-us&de=UTF-8&dt=Traitement%20chute%20de%20cheveux%20%3A%2010%20produits%20qui%20marchent%20vraiment%20!%20-%20Magicmaman.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Appel%20Bloc&ea=Digiteka&el=page&_u=YEBAAEAB~&jid=1736023373&gjid=610353240&cid=343681385.1551201683&tid=UA-5468943-1&_gid=553749664.1551201683&_r=1&gtm=2wg24157BMPX&cd1=large&cd2=3046_Femme&cd3=3047_Beaut%C3%A9%20femme&cd4=647_Cheveux&cd5=4&cd6=19_Galeriephoto&cd7=1_Moteur-de-recherche&cd8=1_R%C3%A9daction&cd9=0&cd10=2014-04-23&cd11=8801&cd12=2015-07-22&cd13=1948116&z=99490017 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5468943-1&cid=343681385.1551201683&jid=1736023373&_gid=553749664.1551201683&gjid=610353240&_v=j73&z=99490017

Request Chain 122

https://server.exposebox.com/rcm HTTP 302
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_e8dj140

Request Chain 123

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ae522fbd-0d64-41f6-8dd5-f2d04758530d

Request Chain 124

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://tags.bluekai.com/site/38310?id=EvFeKqeXsP8KaAKNshBscqb2yH1pJ2EUgg6L-4yXrpo%3D&redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DEvFeKqeXsP8KaAKNshBscqb2yH1pJ2EUgg6L-4yXrpo%253D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=EvFeKqeXsP8KaAKNshBscqb2yH1pJ2EUgg6L-4yXrpo%3D

Request Chain 125

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1224776746655146658 HTTP 302
https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=1224776746655146658&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D1224776746655146658

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA3r3eBdLGTm23KGlJIoCPs&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1224776746655146658

Request Chain 128

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7669af72-95f1-4cbe-8dfa-3032f165e5a3 HTTP 302
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=7669af72-95f1-4cbe-8dfa-3032f165e5a3&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D7669af72-95f1-4cbe-8dfa-3032f165e5a3

Request Chain 129

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=3eaf2dd6-5697-42b2-b296-80782daeed46 HTTP 302
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=3eaf2dd6-5697-42b2-b296-80782daeed46&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D3eaf2dd6-5697-42b2-b296-80782daeed46

Request Chain 131

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=f1a00eea-88ae-4858-aa85-42c1bda9bad5&bsw_param=f1a00eea-88ae-4858-aa85-42c1bda9bad5

165 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
arrainentzakohimnoak.org/reste/
Redirect Chain

http://arrainentzakohimnoak.org/reste
http://arrainentzakohimnoak.org/reste/

92 B
353 B

50ms
49ms

Document
text/html

2001:8d8:100f:f000::2ab
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: http://arrainentzakohimnoak.org/reste/
Protocol: HTTP/1.1
Server: 2001:8d8:100f:f000::2ab , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache / PHP/7.2.15
Resource Hash: 5c7aa235733b1cb6f3f694b56c74e77dbb7428f365578dc1098f5a5d33d29563

Request headers

Host: arrainentzakohimnoak.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Tue, 26 Feb 2019 17:21:14 GMT
Server: Apache
X-Powered-By: PHP/7.2.15
Content-Encoding: gzip

Redirect headers

Content-Type: text/html; charset=iso-8859-1
Content-Length: 246
Connection: keep-alive
Keep-Alive: timeout=15
Date: Tue, 26 Feb 2019 17:21:14 GMT
Server: Apache
Location: http://arrainentzakohimnoak.org/reste/

GET
H2 200 Primary Request / Show response
clients.clientarea.action.wpl-csa.info/ 113 KB
21 KB 2867ms
2474ms Document
text/html 198.54.121.233
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.121.233 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium68-3.web-hosting.com
Software: Apache / PHP/7.0.33
Resource Hash: c6c46305edb881a489fb435876af7f32fa619e54b2175cb55cc4ffa5b2dd900d

Request headers

:method: GET
:authority: clients.clientarea.action.wpl-csa.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://arrainentzakohimnoak.org/reste/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://arrainentzakohimnoak.org/reste/

Response headers

status: 200
date: Tue, 26 Feb 2019 17:21:14 GMT
server: Apache
x-powered-by: PHP/7.0.33
vary: Accept-Encoding
content-encoding: gzip
content-length: 21724
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK page.css
cache.magicmaman.com/data/display/ 133 KB
26 KB 3097ms
17ms Stylesheet
text/css 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

5d4b4d1cc45889916955829f6c307dd96ec88188b5eb935b807c70a022dd961d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Feb 2019 13:41:05 GMT
Content-Encoding: gzip
Age: 704415
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 26374
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 12 Feb 2019 15:56:19 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: W/"5c62eca3-2154f"
Strict-Transport-Security: max-age=60
X-Varnish: 76040937 777822443
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: text/css
X-Cache-Hits: 2060406

GET
H/1.1 200
OK tools.js Show response
cache.magicmaman.com/data/display/ 189 KB
73 KB 3104ms
24ms Script
application/javascript 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

4d7c0c2d2e1599414188cda791d1f34d3e4112f27c9cda1791f86f944dc003ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 15 Feb 2019 09:26:03 GMT
Content-Encoding: gzip
Age: 978917
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 74036
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 12 Feb 2019 15:56:20 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: W/"5c62eca4-2f4da"
Strict-Transport-Security: max-age=60
X-Varnish: 76459691 635789055
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 2739219

GET
H/1.1 200
OK page.js Show response
cache.magicmaman.com/data/display/ 61 KB
19 KB 3104ms
24ms Script
application/javascript 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

f28890097588841710193f9aeeb59ebf3836999d5da2bf438a47a46eba4ba403

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Feb 2019 13:41:12 GMT
Content-Encoding: gzip
Age: 704408
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 18838
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 12 Feb 2019 15:56:19 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: W/"5c62eca3-f3b6"
Strict-Transport-Security: max-age=60
X-Varnish: 76198691 777671893
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 1985915

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

54a1c6a1be0a8308a6d18d36cb7915baebcd7921955b4ae859c28a902ff41a88

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OLVwHqIEBT3pw5QnMKlnWg==
status: 200
vary: Accept-Encoding
content-length: 1747
x-xss-protection: 0
x-fb-debug: 876L90ZrwCf7JIYYgCjo4fZ19NlCm9ZbJQpSvgqF3HA07LAPN1VS5Ip3lVmzGL5If8sxryO9uKtYh+wiTgTtig==
x-fb-content-md5: eb28c3da3d5c11d89052ed41a2683bcc
date: Tue, 26 Feb 2019 17:21:17 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
access-control-allow-credentials: true
etag: "f27b28bf372dbe2ffa3607985180e912"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Tue, 26 Feb 2019 17:28:46 GMT

GET
H/1.1 200
OK article.css
cache.magicmaman.com/data/display/ 60 KB
13 KB 3097ms
18ms Stylesheet
text/css 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/data/display/article.css?deewzavdoso40kgs08kg8gsww

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

ba630853895ab60048f570946aeee9b38fe877dc8827eb43f1cb8457c56e11ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Feb 2019 15:25:18 GMT
Content-Encoding: gzip
Age: 438962
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 12491
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Wed, 20 Feb 2019 13:53:01 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: W/"5c6d5bbd-ee32"
Strict-Transport-Security: max-age=60
X-Varnish: 73531361 923344383
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: text/css
X-Cache-Hits: 1142434

GET
H/1.1 200
OK article.js Show response
cache.magicmaman.com/data/display/ 27 KB
9 KB 3097ms
18ms Script
application/javascript 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/data/display/article.js?114ftq9awp8g4w00g4so040k0

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

db37ba691ef84f39093b3a165302685ef8c272f1481d985f86c762a9cb593859

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 8368
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Wed, 20 Feb 2019 13:52:58 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: W/"5c6d5bba-6b4d"
Strict-Transport-Security: max-age=60
X-Varnish: 76588803 11299562
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 339324

GET
H2 200 loader.js Show response
sdk.privacy-center.org/ 990 B
886 B 69ms
7ms Script
application/javascript 2600:9000:2043:6c00:5:b7cc:d3c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/loader.js
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:6c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: CloudFront /
Resource Hash: d7bf10002e5a3be0b533aa25282f016c7b51630c5e6b07a7fce833ebcbdd9618

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 16:44:52 GMT
content-encoding: gzip
server: CloudFront
age: 2186
etag: "5f46f184393898cca1c310948408088b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
content-length: 565
via: 1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront)
x-amz-cf-id: wnKVxKybJ1eb72y7Xr3AAvTv_j2CAiWS-cbLgMj9ZUrgmbl36RYEDw==

GET
H/1.1 200
OK cover.jpg
cache.magicmaman.com/data/photo/w260_c18/magazine/ 29 KB
29 KB 3089ms
13ms Image
image/jpeg 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/data/photo/w260_c18/magazine/cover.jpg?86414dfcefc21c495285453c237bc3f1

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

c6834fe67c87faf511c024906640a07c460e06c5d62b249b25fbc71b2c5eae74

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:02:06 GMT
Via: 1.1 varnish-v4
Age: 368354
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 29512
Server: nginx
Last-Modified: Fri, 22 Feb 2019 11:02:06 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "5c6fd6ae-7348"
Strict-Transport-Security: max-age=60
X-Varnish: 76329169 957197655
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Cache-Hits: 880235

GET
H/1.1 200
OK cover.jpg
cache.magicmaman.com/data/photo/w260_c18/magazine/free/ 27 KB
27 KB 19ms
18ms Image
image/jpeg 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/data/photo/w260_c18/magazine/free/cover.jpg?20619560fc268016b366859c99d90b9c

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

1fe71418c961b60988944cab19168614743519ef29f06e7e55029bd55c407fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Feb 2019 12:54:55 GMT
Via: 1.1 varnish-v4
Age: 707185
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 27402
Server: nginx
Last-Modified: Mon, 07 Jan 2019 09:16:58 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "5c33190a-6b0a"
Strict-Transport-Security: max-age=60
X-Varnish: 76040943 774599030
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Cache-Hits: 2039338

GET
H/1.1 200
OK traitement-anti-chute-de-cheveux-post-grossesse.jpg
cache.magicmaman.com/data/photo/w1000_ci/1ec/ 64 KB
64 KB 21ms
20ms Image
image/jpeg 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/data/photo/w1000_ci/1ec/traitement-anti-chute-de-cheveux-post-grossesse.jpg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

2e8738ee236fb301147efc62ab5d3cc02b02834d8f1b816560e8df325a8648dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Feb 2019 15:08:40 GMT
Via: 1.1 varnish-v4
Age: 699160
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 65287
Server: nginx
Last-Modified: Mon, 10 Dec 2018 14:44:22 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "5c0e7bc6-ff07"
Strict-Transport-Security: max-age=60
X-Varnish: 76137293 781115460
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Cache-Hits: 2460

GET getProductLink
eshop.magicmaman.com/retailer/ 0
0

GET
H2 200 smart.js Show response
ced.sascdn.com/tag/50/ 23 KB
10 KB 101ms
7ms Script
application/javascript 68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/50/smart.js
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A7) /
Resource Hash: e6a396ea3805b674bb612ddbe51030a4432ef60c49a52faaaa49a7a4a57bbe76

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:20 GMT
content-encoding: gzip
last-modified: Tue, 26 Feb 2019 17:17:14 GMT
server: ECS (fcn/41A7)
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 9777
expires: Tue, 26 Feb 2019 17:26:20 GMT

GET
H/1.1 200
OK smart.prebid.js Show response
tagmanager.smartadserver.com/50/6300/ 41 KB
9 KB 84ms
8ms Script
application/javascript 2.19.46.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/50/6300/smart.prebid.js
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.19.46.9 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-46-9.deploy.static.akamaitechnologies.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 9443dd70a9774a69c67c9843cde40aaa79ec9c3f1575e4121e0302d07379eeaf

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 17:21:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Feb 2019 09:20:54 GMT
Server: Apache/2.4.10 (Debian)
ETag: "a407-5812220493b49-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=388
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8894
Expires: Tue, 26 Feb 2019 17:27:48 GMT

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 84ms
10ms Script
application/javascript 2600:9000:2043:9600:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:9600:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Feb 2019 22:37:50 GMT
via: 1.1 268be5c908db8ae22ed9c5c6cfffc109.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 22:35:38 GMT
server: AmazonS3
age: 67485
etag: "a5442c681a576408c25edbf365995343"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: qGcCvzhWu1xPI68t2InJDcyNlGl1fMA8PTNbEo182IvdQfEVxfbI0g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
34 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81c::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57BMPX

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

7c7ebedc4be9f54aaf57f8bebd8b9895bed88cfe30b231245e61b36185e75ef0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:20 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 34902
x-xss-protection: 1; mode=block
expires: Tue, 26 Feb 2019 17:21:20 GMT

GET
H/1.1 200
OK facebook.svg
cache.magicmaman.com/image/picto/reverse/social/ 776 B
1 KB 18ms
17ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/social/facebook.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

49a82e854f1af47fee73975310902081b1183e3fb862f919e0a209c464d43b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:05 GMT
Content-Encoding: gzip
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 532
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 05 Jul 2016 15:47:28 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577bd690-308"
Strict-Transport-Security: max-age=60
X-Varnish: 76293003 12683842
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 371683

GET
H/1.1 200
OK twitter.svg
cache.magicmaman.com/image/picto/reverse/social/ 2 KB
2 KB 19ms
18ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/social/twitter.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

648b09bd245cdffcb8c3b66cd638a59053bfcb3e1a296a1411cff2946870db14

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:05 GMT
Content-Encoding: gzip
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 989
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 05 Jul 2016 15:47:28 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577bd690-68e"
Strict-Transport-Security: max-age=60
X-Varnish: 75910893 11949235
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 369901

GET
H/1.1 200
OK pinterest.svg
cache.magicmaman.com/image/picto/reverse/social/ 2 KB
1 KB 18ms
17ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/social/pinterest.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

0bb34b4098437eb2c3ecf00d86062e80c74e737dd2d6d506ae6d388259fcafe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:05 GMT
Content-Encoding: gzip
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 864
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 05 Jul 2016 15:47:28 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577bd690-677"
Strict-Transport-Security: max-age=60
X-Varnish: 76260953 1058960650
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 371344

GET
H/1.1 200
OK instagram.svg
cache.magicmaman.com/image/picto/reverse/social/ 1 KB
1 KB 18ms
17ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/social/instagram.svg?0

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

0617b8f56bc75e1fcf7d244f9314619f623ba3fed93796f16ce86d03e2c76ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 13:06:46 GMT
Content-Encoding: gzip
Age: 101674
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 838
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 05 Jul 2016 15:47:28 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577bd690-5b3"
Strict-Transport-Security: max-age=60
X-Varnish: 76260957 18060539
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 342206

GET
H/1.1 200
OK newsletter.svg
cache.magicmaman.com/image/picto/reverse/social/ 1 KB
1 KB 24ms
23ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/social/newsletter.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

31ab29ab3c8210575c1dc3b868397f964326ee17da2edd8ea834931d9a9ff12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:05 GMT
Content-Encoding: gzip
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 575
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Wed, 04 Jan 2017 09:19:58 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "586cbe3e-476"
Strict-Transport-Security: max-age=60
X-Varnish: 75910894 12683862
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 368597

GET
H/1.1 200
OK menu.svg
cache.magicmaman.com/image/picto/standard/ 2 KB
2 KB 24ms
23ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/menu.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

de643914fa5858defe271b7492b4ff8a4524245cc1d4e99d974a628700da1ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:04 GMT
Content-Encoding: gzip
Age: 108976
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 1203
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Fri, 08 Jul 2016 10:28:34 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577f8052-85b"
Strict-Transport-Security: max-age=60
X-Varnish: 75880920 11521727
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 372759

GET
H/1.1 200
OK logo.svg
cache.magicmaman.com/image/picto/standard/ 20 KB
8 KB 25ms
24ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/logo.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

879f5873432947dd5971d652f3cba47ce6b20469e31b8c10021346c0ead52b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 7490
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Mon, 11 Sep 2017 14:47:50 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "59b6a216-5119"
Strict-Transport-Security: max-age=60
X-Varnish: 76362538 12556259
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 374839

GET
H/1.1 200
OK edition_papier.svg
cache.magicmaman.com/image/picto/standard/ 1 KB
1 KB 18ms
17ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/edition_papier.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

22beb14b2ff8729d96100a8e57f29564167b60ae0a1fac01a5ad848ab577c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 618
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Mon, 23 Jan 2017 10:20:44 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "5885d8fc-49a"
Strict-Transport-Security: max-age=60
X-Varnish: 76260958 11299548
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 372278

GET
H/1.1 200
OK search.svg
cache.magicmaman.com/image/picto/standard/ 3 KB
2 KB 33ms
21ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/search.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

d0c506cb08366f0753df295747d51ec68071dfd94f65e1ab5ffc23b575cee8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 1565
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Fri, 08 Jul 2016 10:28:34 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577f8052-a70"
Strict-Transport-Security: max-age=60
X-Varnish: 76293007 12621071
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 374023

GET
H/1.1 200
OK josefin_sans_regular.woff2
cache.magicmaman.com/media/font/ 31 KB
32 KB 2166ms
29ms Font
font/woff2 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/media/font/josefin_sans_regular.woff2

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

64fd3873810fc1ac483f2256f64495e9db679268a015a4162edd1b8dc5234c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Via: 1.1 varnish-v4
Age: 108976
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 31804
Server: nginx
Last-Modified: Wed, 06 Jul 2016 16:03:15 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577d2bc3-7c3c"
Strict-Transport-Security: max-age=60
X-Varnish: 75459505 12747557
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: font/woff2
X-Cache-Hits: 353772

GET
H/1.1 200
OK claire_hand_bold.woff2
cache.magicmaman.com/media/font/ 34 KB
34 KB 2168ms
29ms Font
font/woff2 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/media/font/claire_hand_bold.woff2

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

9e67f27105e627dc8faeb6d544ff7f8d00e13c5762bd7d015d18585f264c488c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Via: 1.1 varnish-v4
Age: 108976
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 34304
Server: nginx
Last-Modified: Tue, 22 Nov 2016 11:46:16 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "58343008-8600"
Strict-Transport-Security: max-age=60
X-Varnish: 76683023 12556255
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: font/woff2
X-Cache-Hits: 353914

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 192 KB
57 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js?hash=06447acd192a425a48560cf493399330&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ba3c75139a8fecf5c8811dbd8d12f6e74b28bffaf74ae0a808d4f5cebf097c14

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bnd9YqMFDJW9XZxuD2MNFw==
status: 200
vary: Accept-Encoding
content-length: 58210
x-xss-protection: 0
x-fb-debug: cO+Te0uaxSGs7T8P8BZB4MyG4klOdlBIRMKsixGD3/jzfPMT6bk0VrW9wUn/XW9LxlCS33h4eOZwOt496EbLAQ==
x-fb-content-md5: 1afcdbbdce165a7530c417b19be0939a
date: Tue, 26 Feb 2019 17:21:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
access-control-allow-credentials: true
etag: "bfa86aa4349b26603f8bb2bf8c6ff672"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Wed, 26 Feb 2020 16:09:32 GMT

GET
H2 200 sdk.ed19fc5b26fc54e8a88bc0948a35b07d9738360a.js Show response
sdk.privacy-center.org/ 619 KB
133 KB 9ms
9ms Script
application/javascript 2600:9000:2043:6c00:5:b7cc:d3c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk.ed19fc5b26fc54e8a88bc0948a35b07d9738360a.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:6c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72794cd46b1ac26e67fd7bd1267174d22f7c0fd95562b41b2b0114f6d9927354

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 18 Feb 2019 22:35:41 GMT
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 22:28:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1550528726/ctime:1550528726/gid:0/gname:root/md5:71e2ed050a0ba413316782d91b7c8cdf/mode:33188/mtime:1550528726/uid:0/uname:root
age: 672340
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-amz-cf-id: lbh6am065Oz4PebJjfEhEtYtwgEhswQfIFIwRvH3Gyt78hUB9MXYgw==
via: 1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront)

GET
H/1.1 200
OK close.svg
cache.magicmaman.com/image/picto/standard/ 2 KB
2 KB 32ms
20ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/close.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

7104da56501a7bdede3e8177cfda915704212676cf6c531146b916e66ccf7800

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 1048
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Fri, 08 Jul 2016 10:28:34 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577f8052-6b8"
Strict-Transport-Security: max-age=60
X-Varnish: 76682941 11847769
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 372753

GET
H/1.1 200
OK oswald_regular.woff2
cache.magicmaman.com/media/font/ 21 KB
22 KB 2123ms
30ms Font
font/woff2 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.magicmaman.com/media/font/oswald_regular.woff2

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

f54b92673ed70cb249b4c1ee6a49b79323024fd88d44e438e556e60f55ae6d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

Date: Mon, 25 Feb 2019 11:05:07 GMT
Via: 1.1 varnish-v4
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 21580
Server: nginx
Last-Modified: Wed, 06 Jul 2016 16:03:15 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577d2bc3-544c"
Strict-Transport-Security: max-age=60
X-Varnish: 76811047 1070552089
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: font/woff2
X-Cache-Hits: 351079

GET
H/1.1 200
OK arrow_full_down.svg
cache.magicmaman.com/image/picto/standard/ 539 B
941 B 17ms
17ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/arrow_full_down.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

aaf50be2164c35705dacf582e028332c286faa3185dd19e6c1596f9b695196d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 384
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Wed, 13 Jul 2016 14:25:49 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57864f6d-21b"
Strict-Transport-Security: max-age=60
X-Varnish: 76362545 12621075
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 353479

GET
H/1.1 200
OK arrow_full_up.svg
cache.magicmaman.com/image/picto/theme/ 568 B
951 B 18ms
18ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/theme/arrow_full_up.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

51b85224ee39aac013d6d258dd3a9e1f6f9cc130a1fbb5fc7eeb950e3df83302

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 394
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Wed, 13 Jul 2016 14:25:49 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57864f6d-238"
Strict-Transport-Security: max-age=60
X-Varnish: 76362546 10875833
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 346668

GET
H/1.1 200
OK plus_menu.svg
cache.magicmaman.com/image/picto/standard/ 2 KB
2 KB 21ms
20ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/plus_menu.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

73f4e363e96f8e8cabf9afb84271e9c055e2ce5437567145abcf073bfecdb75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 1121
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Fri, 08 Jul 2016 10:28:34 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577f8052-771"
Strict-Transport-Security: max-age=60
X-Varnish: 76260970 12361635
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 353633

GET
H/1.1 200
OK 3.svg
cache.magicmaman.com/image/picto/service/ 24 KB
8 KB 22ms
19ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/service/3.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

6f9eeb42182c8e7d72133ad1a5a623dee560e2fff5d018dbf8c5921798b33fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:09 GMT
Content-Encoding: gzip
Age: 108972
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 7658
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Thu, 11 Aug 2016 15:08:48 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57ac9500-5eaf"
Strict-Transport-Security: max-age=60
X-Varnish: 75910906 12524671
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 160429

GET
H/1.1 200
OK 10.svg
cache.magicmaman.com/image/picto/service/ 8 KB
4 KB 29ms
29ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/service/10.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

88bc26c3773892d715e1e7811635553430f4da92f9c8b0be165deee8a09b5f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:07 GMT
Content-Encoding: gzip
Age: 108973
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 3913
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Thu, 11 Aug 2016 15:08:48 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57ac9500-21a4"
Strict-Transport-Security: max-age=60
X-Varnish: 76040947 12589615
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 262907

GET
H/1.1 200
OK 8.svg
cache.magicmaman.com/image/picto/service/ 25 KB
8 KB 24ms
23ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/service/8.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

f3560b4a692960c1d0af16b377cf757d8dc9985262a849684e273fc73b02675a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:07 GMT
Content-Encoding: gzip
Age: 108973
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 7724
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Thu, 11 Aug 2016 15:08:48 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57ac9500-65f3"
Strict-Transport-Security: max-age=60
X-Varnish: 75327669 12075960
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 194913

GET
H/1.1 200
OK 11.svg
cache.magicmaman.com/image/picto/service/ 21 KB
7 KB 25ms
23ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/service/11.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

692ab66c053396ca31b7afff686be8c1c5c242d7892f0c4e1e7f31c30aaf0d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:08 GMT
Content-Encoding: gzip
Age: 108972
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 6370
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Thu, 11 Aug 2016 15:08:48 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57ac9500-5371"
Strict-Transport-Security: max-age=60
X-Varnish: 76293012 12716957
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 224001

GET
H/1.1 200
OK 13.svg
cache.magicmaman.com/image/picto/service/ 15 KB
6 KB 44ms
18ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/service/13.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

4161a12b4fd1acb5e496e95ade9c20af5b339890f657d721492504a311afbfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:07 GMT
Content-Encoding: gzip
Age: 108973
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 5144
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Mon, 26 Sep 2016 09:24:21 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57e8e945-3b70"
Strict-Transport-Security: max-age=60
X-Varnish: 76588809 12524605
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 164066

GET
H/1.1 200
OK 14.svg
cache.magicmaman.com/image/picto/service/ 19 KB
7 KB 24ms
22ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/service/14.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

6f9131b9e088f5eefb3c291b5eae884ec340bb4cf6e0eb7ce5e136569f7f49e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 6394
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Mon, 26 Sep 2016 09:24:21 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57e8e945-4c73"
Strict-Transport-Security: max-age=60
X-Varnish: 75910908 12035539
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 245661

GET
H/1.1 200
OK arrow_line_right.svg
cache.magicmaman.com/image/picto/reverse/ 1018 B
1 KB 24ms
22ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/arrow_line_right.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

839ce04b28bac61d63ffd8d4b23ae98de62e60106ed9123140945de76045c636

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/article.css?deewzavdoso40kgs08kg8gsww
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:18 GMT
Content-Encoding: gzip
Age: 108962
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 672
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Fri, 08 Jul 2016 10:28:34 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577f8052-3fa"
Strict-Transport-Security: max-age=60
X-Varnish: 76137302 11659109
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 26285

GET
H/1.1 404
Not Found bookmark.svg
cache.magicmaman.com/image/picto/reverse/ 0
597 B 28ms
19ms Image
text/html 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.magicmaman.com/image/picto/reverse/bookmark.svg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cache.magicmaman.com/data/display/article.css?deewzavdoso40kgs08kg8gsww
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK email.svg
cache.magicmaman.com/image/picto/reverse/social/ 762 B
1 KB 44ms
18ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/social/email.svg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

7199156f53cd290e2135cbf4f7776fded8103c20a35556165d3b67a2511721fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:07 GMT
Content-Encoding: gzip
Age: 108973
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 518
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Tue, 05 Jul 2016 15:47:28 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577bd690-2fa"
Strict-Transport-Security: max-age=60
X-Varnish: 76682952 12683891
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 325285

GET
H/1.1 200
OK anti-chute-de-cheveux-klorane.jpg
cache.magicmaman.com/data/photo/w680_ci/1ec/ 12 KB
13 KB 18ms
18ms Image
image/jpeg 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/data/photo/w680_ci/1ec/anti-chute-de-cheveux-klorane.jpg

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

4d1371cc4f6009c93a41e5299c146ac57bbdbfec6615f08441a1e328c4eb7724

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 15 Feb 2019 17:42:27 GMT
Via: 1.1 varnish-v4
Age: 949134
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 12369
Server: nginx
Last-Modified: Fri, 07 Dec 2018 17:08:37 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "5c0aa915-3051"
Strict-Transport-Security: max-age=60
X-Varnish: 75880945 654626900
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Cache-Hits: 2336

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 45ms
17ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57BMPX

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

9870aa383c15fedca8b040a95396bd0b9f66804ed70e7c16618950a3e8a23d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 8849
x-xss-protection: 1; mode=block
server: cafe
etag: 3142979784800918423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Feb 2019 17:21:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 52 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: arrainentzakohimnoak.org
URL: http://arrainentzakohimnoak.org/reste/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: 6TpbwdtWyoeppOVF2QRzIBwxu4CCfEtNKagrNr/2Xm4dytWuTzRHQU4eIEQ/03mJI/hLSSEQrIUutnMHrBGWJQ==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Feb 2019 17:21:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 15216
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 201709gmc.js Show response
a.adsixmedia.fr/js/pixels/ 0
311 B 91ms
17ms Script
application/javascript 5.135.32.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adsixmedia.fr/js/pixels/201709gmc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57BMPX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.32.18 , France, ASN16276 (OVH, FR),
Reverse DNS: ip18.ip-5-135-32.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 17:21:21 GMT
Last-Modified: Thu, 24 May 2018 15:01:04 GMT
Server: nginx
ETag: "5b06d3b0-0"
Content-Type: application/javascript
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Fri, 08 Mar 2019 17:21:21 GMT

GET
H2 200 client.min.js Show response
api.dmcdn.net/pxl/cpe/ 12 KB
4 KB 143ms
29ms Script
application/javascript 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dmcdn.net/pxl/cpe/client.min.js

Requested by

Host: arrainentzakohimnoak.org
URL: http://arrainentzakohimnoak.org/reste/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.186.59 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-186-59.deploy.static.akamaitechnologies.com

Software

DMS/1.0.42 /

Resource Hash

61401418318a2226caad9661fa4e2e22aca08208756974271468c20b64487481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31708800; includeSubDomains

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31708800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 12 Jan 2019 20:34:26 GMT
server: DMS/1.0.42
x-amz-request-id: 8CD59A5558EE369E
etag: "a364bf171686801830c65ca652daa632"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1200
date: Tue, 26 Feb 2019 17:21:21 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3925
x-amz-id-2: stYCxqsKMgEAJ7C1dLNhXs0MnG80vhkduNNO2vWEY6mUwI16FfGva27RSkcVo6xIZy/xaiZ7Eps=

GET
H/1.1 200
OK fb406dd174e34c2d99e44b2b31cd755b_1.js Show response
targetemsecure.blob.core.windows.net/fb406dd1-74e3-4c2d-99e4-4b2b31cd755b/ 3 KB
2 KB 105ms
24ms Script
application/javascript 52.239.242.148
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://targetemsecure.blob.core.windows.net/fb406dd1-74e3-4c2d-99e4-4b2b31cd755b/fb406dd174e34c2d99e44b2b31cd755b_1.js
Requested by: Host: arrainentzakohimnoak.org
URL: http://arrainentzakohimnoak.org/reste/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.242.148 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5286e38324ccfdee0a0c37ab6fe9850c9f982c9fec902893c5d32e37e9db9130

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 26 Feb 2019 17:21:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 05:56:46 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: MdbRZZsCJfPNFITLMRbcdw==
ETag: 0x8D69BAF3167BA11
Content-Type: application/javascript
x-ms-request-id: 368e386a-901e-005f-23f7-cd498e000000
Cache-Control: public
x-ms-version: 2009-09-19
Content-Length: 1281

GET
H2 200 on-1.0.min.js Show response
tag.audience.acpm.fr/js/ 5 KB
5 KB 137ms
28ms Script
text/javascript 52.210.165.34
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.audience.acpm.fr/js/on-1.0.min.js
Requested by: Host: arrainentzakohimnoak.org
URL: http://arrainentzakohimnoak.org/reste/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.165.34 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-210-165-34.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.37 (Amazon) /
Resource Hash: a58ed0253138b1bcdebe20ea04bede14f945b16b011bbd554055a05865d61969

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:21 GMT
last-modified: Thu, 04 Jan 2018 14:43:33 GMT
server: Apache/2.4.37 (Amazon)
etag: "1329-561f45b2acf40"
content-type: text/javascript
status: 200
accept-ranges: bytes
content-length: 4905

GET
H2 200 121953X1584899.skimlinks.js Show response
s.skimresources.com/js/ 54 KB
20 KB 154ms
45ms Script
application/octet-stream 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/121953X1584899.skimlinks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57BMPX
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9bcca8af5f56ad8824d1731c192f99b3aaced17f3e26752ed2853b907ab45f2

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:21 GMT
content-encoding: gzip
last-modified: Thu, 21 Feb 2019 10:19:57 GMT
server: AmazonS3
x-amz-request-id: 54A25A49CC601FC5
etag: "b59f33ad52e7af8250386aa7bbbdc14d"
x-hw: 1551201681.cds020.pa1.hn,1551201681.cds019.pa1.c
content-type: application/octet-stream
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20357
x-amz-id-2: abcvhQd3d60128nmJ9W3LVkLpEpoSP83dtOFBE8pvbqLSBoNxIDNR6TmvEZNHyqsmkon+yUUbUQ=

GET
H/1.1 200
OK bk
bei.nuggad.net/ 43 B
633 B 213ms
24ms Image
image/gif 2a00:cd0:1005:2:80:82:201:80
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bei.nuggad.net/bk?nuggn=2093709782&nuggsid=1135299260&gtmcb=1757095882
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2a00:cd0:1005:2:80:82:201:80 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 17:21:21 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID ADMa OTPa OUR NOR"
Status: 200 OK
Cache-Control: no-store,no-cache
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=34
Expires: Wed, 18 Feb 2009 11:53:30 GMT

GET
H/1.1 200
OK gallery.svg
cache.magicmaman.com/image/picto/reverse/ 2 KB
2 KB 19ms
19ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/gallery.svg

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=06447acd192a425a48560cf493399330&ua=modern_es6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

c44e15a16f7693a9b84e086efd9f0a0e5d7f38d243a8bf198bc047c5c2539ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:13 GMT
Content-Encoding: gzip
Age: 108967
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 1142
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Fri, 08 Jul 2016 10:28:34 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577f8052-7b7"
Strict-Transport-Security: max-age=60
X-Varnish: 76588817 12332265
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 131051

GET
H/1.1 200
OK close.svg
cache.magicmaman.com/image/picto/reverse/ 2 KB
2 KB 25ms
21ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/close.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

661ea58a244b9577aae97731b3f94d5b963b57fdeaeda81fa61db0347dfa11b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 1049
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Fri, 08 Jul 2016 10:28:34 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "577f8052-6b8"
Strict-Transport-Security: max-age=60
X-Varnish: 76392284 12075915
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 370403

GET
H/1.1 200
OK search.svg
cache.magicmaman.com/image/picto/reverse/ 3 KB
2 KB 25ms
20ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/reverse/search.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

46b695e789e5566ef66da1ccb4dfd9c255864cd366264734dd975096d6480047

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 1554
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Mon, 11 Jul 2016 12:54:40 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57839710-a63"
Strict-Transport-Security: max-age=60
X-Varnish: 76260984 11949292
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 370767

GET
H2 200 MmH55ZI0Z2G.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 747D 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/MmH55ZI0Z2G.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=06447acd192a425a48560cf493399330&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/MmH55ZI0Z2G.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://clients.clientarea.action.wpl-csa.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 25 Feb 2020 19:47:13 GMT
cache-control: public,max-age=31536000,immutable
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
x-fb-debug: 5Y3Np1AwJTb2f5EArS488uY4r2l0y0LQzArMV4nIUnkx9adPlMXNQERoix3Ci1m/6YAFpDgV+/YiFIn1tmlQJQ==
content-length: 11072
date: Tue, 26 Feb 2019 17:21:21 GMT

GET
H/1.1 200
OK Cookie set /
www.ultimedia.com/deliver/generic/iframe/mdtk/01913797/zone/1/src/mml03r/showtitle/0/ Frame EABC 0
0 303ms
194ms Document
text/html 5.196.81.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ultimedia.com/deliver/generic/iframe/mdtk/01913797/zone/1/src/mml03r/showtitle/0/

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.196.81.114 , France, ASN16276 (OVH, FR),

Reverse DNS

ovh-lb4.dginfra.net

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: www.ultimedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://clients.clientarea.action.wpl-csa.info/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/

Response headers

Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 26 Feb 2019 17:21:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4410
Connection: keep-alive
Cache-Control: private, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
pragma: no-cache
expires: -1
Vary: Accept-Encoding
Content-Encoding: gzip
Set-Cookie: STICKY=6a157803886279232dc50b3e22095c37; path=/; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1869629273272607 Show response
connect.facebook.net/signals/config/ 186 KB
45 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1869629273272607?v=2.8.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9eb17a71f8893cc62c9c8225644c73b6ae197bcf87e64c9f17107b65d87ebcf3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 45967
x-xss-protection: 0
pragma: public
x-fb-debug: lhjKcIVeWLhV6587DZm4lOfo9LVyHrlt2OfTNl2e1ufShnQ5mfKLOKG8cMJLf0YEyeTciG+iiTuo/A4VZuiwYw==
date: Tue, 26 Feb 2019 17:21:21 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/953892692/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953892692/?random=1551201681129&cv=9&fst=1551201681129&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg241&sendb=1&frm=0&url=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&ref=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&tiba=Traitement%20chute%20de%20cheveux%20%3A%2010%20produits%20qui%20marchent%20vraiment%20!%20-%20Magicmaman.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e532115cd470748b24addc196ea7112709d7554a1533a91c97a110c84ac3a004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 1008
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fb406dd174e34c2d99e44b2b31cd755b_2_1548219698.js Show response
targetemsecure.blob.core.windows.net/fb406dd1-74e3-4c2d-99e4-4b2b31cd755b/ 37 KB
11 KB 21ms
20ms Script
application/javascript 52.239.242.148
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://targetemsecure.blob.core.windows.net/fb406dd1-74e3-4c2d-99e4-4b2b31cd755b/fb406dd174e34c2d99e44b2b31cd755b_2_1548219698.js
Requested by: Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/tools.js?chm9rgtzwlc0o4o0gwskc448o
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.242.148 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7281db6112fd4b1d592ff0777339188a676b2c0e7e72bb615a033a8d137ab29b

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 26 Feb 2019 17:21:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Feb 2019 07:17:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: yRPz0L3vOei1S89hBZ4yhw==
ETag: 0x8D68E5E9C6C7338
Content-Type: application/javascript
x-ms-request-id: 368e38e4-901e-005f-15f7-cd498e000000
Cache-Control: public, max-age=86400
x-ms-version: 2009-09-19
Content-Length: 11201

GET
H2 200 263063216765 Show response
auth.audience.acpm.fr/ 85 B
267 B 127ms
33ms XHR
text/plain 52.48.37.92
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.audience.acpm.fr/263063216765
Requested by: Host: tag.audience.acpm.fr
URL: https://tag.audience.acpm.fr/js/on-1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.37.92 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-37-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f6fbf5bd1e9d293924431cb80579a89ce003b09ced5eef7853d2606fc3804dbd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:21 GMT
status: 200
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 85
x-application-context: Auth
expires: 0

GET
H/1.1 200
OK arrow_full_left.svg
cache.magicmaman.com/image/picto/standard/ 554 B
937 B 27ms
27ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/arrow_full_left.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

c5ff0b949749baa702f183178154883308fd6c5c28a48a6cc50d0cb3ba64ea22

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/article.css?deewzavdoso40kgs08kg8gsww
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:06 GMT
Content-Encoding: gzip
Age: 108974
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 380
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Mon, 26 Sep 2016 08:30:21 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57e8dc9d-22a"
Strict-Transport-Security: max-age=60
X-Varnish: 75809689 12556306
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 331317

GET
H/1.1 200
OK arrow_full_right.svg
cache.magicmaman.com/image/picto/standard/ 552 B
935 B 19ms
18ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/arrow_full_right.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

a4665d1c22d4924df518a23714b41d87737bf2f6a5591081c4a1ba23dc96e700

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/article.css?deewzavdoso40kgs08kg8gsww
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:05 GMT
Content-Encoding: gzip
Age: 108975
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 378
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Mon, 26 Sep 2016 08:30:21 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "57e8dc9d-228"
Strict-Transport-Security: max-age=60
X-Varnish: 76137333 10875792
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 300801

GET
H/1.1 200
OK close_magazine_popin.svg
cache.magicmaman.com/image/picto/standard/ 876 B
1 KB 28ms
27ms Image
image/svg+xml 195.200.110.137
ECRITEL-FRANCE IS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.magicmaman.com/image/picto/standard/close_magazine_popin.svg

Requested by

Host: cache.magicmaman.com
URL: https://cache.magicmaman.com/data/display/page.js?eayrutv09coc8gw8c0s4sk8g8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.200.110.137 , France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),

Reverse DNS

Software

nginx /

Resource Hash

8cf86a72113bf82c9112e51ae4014892fe638786d0b55939d284f485ffa04c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://cache.magicmaman.com/data/display/page.css?b3qfrfnvf54oos88kwkkkgc80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 11:05:10 GMT
Content-Encoding: gzip
Age: 108971
X-Cache: HIT
X-Cache-Backend: web_farm
Connection: keep-alive
Content-Length: 528
Via: 1.1 varnish-v4
Server: nginx
Last-Modified: Wed, 12 Jul 2017 08:27:03 GMT
X-Cache-Instance: static
X-Cache-VarnishServer: web-accelerator-3
ETag: "5965dd57-36c"
Strict-Transport-Security: max-age=60
X-Varnish: 76293015 12747689
Access-Control-Allow-Origin: *
cache-control: max-age=1209600
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Cache-Hits: 91617

GET
H2 200 /
www.google.com/pagead/1p-user-list/953892692/ 42 B
109 B 24ms
22ms Image
image/gif 2a00:1450:4001:814::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/953892692/?random=1551201681129&cv=9&fst=1551200400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg241&sendb=1&frm=0&url=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&ref=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&tiba=Traitement%20chute%20de%20cheveux%20%3A%2010%20produits%20qui%20marchent%20vraiment%20!%20-%20Magicmaman.com&async=1&fmt=3&cdct=2&is_vtc=1&random=1033011791&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/953892692/ 42 B
109 B 22ms
21ms Image
image/gif 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/953892692/?random=1551201681129&cv=9&fst=1551200400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg241&sendb=1&frm=0&url=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&ref=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&tiba=Traitement%20chute%20de%20cheveux%20%3A%2010%20produits%20qui%20marchent%20vraiment%20!%20-%20Magicmaman.com&async=1&fmt=3&cdct=2&is_vtc=1&random=1033011791&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&data=%7B%22pubcode%22%3A%22121953X1584899%22%2C%22page%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22doma...
https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D4ND6FZ88KPKQ3CBG4T0V7JK&data=%7B%22pubcode%22%3A%22121953X1584899%22%2C%22page%22%3A%22https%3A%2F%2Fclients...

175 B
470 B

20ms
18ms

Script
application/javascript

35.190.59.101
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D4ND6FZ88KPKQ3CBG4T0V7JK&data=%7B%22pubcode%22%3A%22121953X1584899%22%2C%22page%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22domains%22%3A%5B%22magicmaman.com%22%2C%22mamadvisor.magicmaman.com%22%2C%22sotrendoo.com%22%2C%22forum.magicmaman.com%22%2C%22facebook.com%22%2C%22twitter.com%22%2C%22fr.pinterest.com%22%2C%22instagram.com%22%2C%22annonces.magicmaman.com%22%5D%7D&checksum=e139cc3bf23a4da37f5d66b5be56395a98daad308e24c62bfb89759c4ee6baa3

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

41c49283b8a8acf71e27c5e16a73a56d18d65e49ff91df7a81419b951243bebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:21 GMT
via: 1.1 google
x-content-type-options: nosniff
server: openresty/1.11.2.5
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
access-control-allow-credentials: true
content-type: application/javascript
alt-svc: clear

Redirect headers

date: Tue, 26 Feb 2019 17:21:21 GMT
via: 1.1 google
server: openresty/1.11.2.5
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
location: //r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D4ND6FZ88KPKQ3CBG4T0V7JK&data=%7B%22pubcode%22%3A%22121953X1584899%22%2C%22page%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22domains%22%3A%5B%22magicmaman.com%22%2C%22mamadvisor.magicmaman.com%22%2C%22sotrendoo.com%22%2C%22forum.magicmaman.com%22%2C%22facebook.com%22%2C%22twitter.com%22%2C%22fr.pinterest.com%22%2C%22instagram.com%22%2C%22annonces.magicmaman.com%22%5D%7D&checksum=e139cc3bf23a4da37f5d66b5be56395a98daad308e24c62bfb89759c4ee6baa3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 167

GET
H2 200 px.gif
p.skimresources.com/ 43 B
107 B 47ms
24ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=3.377804940821795
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:21 GMT
status: 200
x-guploader-uploadid: AEnB2UqeUGenFpikIoMsHZlTdy86FgepOOJompu8wYYP2erLDZSPRx2Pj66ltLr9gWXlx5wpERBFmeLAcsMrCWBdtSQHVT3Z_adkgu9-AbcpmzP2wX1eaJY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1551201681.cds020.pa1.hn,1551201681.cds008.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
486 B 46ms
24ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=3.377804940821795
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:21 GMT
status: 200
x-guploader-uploadid: AEnB2UqeUGenFpikIoMsHZlTdy86FgepOOJompu8wYYP2erLDZSPRx2Pj66ltLr9gWXlx5wpERBFmeLAcsMrCWBdtSQHVT3Z_adkgu9-AbcpmzP2wX1eaJY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1551201681.cds020.pa1.hn,1551201681.cds008.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H/1.1 200
OK rc Show response
lpm-gmc.nuggad.net/ 782 B
1 KB 197ms
38ms Script
text/javascript 2a00:cd0:1005:2:80:82:201:80
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lpm-gmc.nuggad.net/rc?nuggn=1997387604&nuggsid=1396913049&nuggrid=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2a00:cd0:1005:2:80:82:201:80 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7791f5b4b1551e0a0972c4fdd181371aef1e33853bdf6141318f65c41982dd6a

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 26 Feb 2019 17:21:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID ADMa OTPa OUR NOR"
Status: 200 OK
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=73
Expires: Wed, 18 Feb 2009 11:53:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1869629273272607&ev=PageView&dl=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&rl=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&if=false&ts=1551201681396&sw=1600&sh=1200&v=2.8.42&r=stable&ec=0&o=30&fbp=fb.1.1551201681395.401879312&it=1551201681124&coo=false&rqm=GET
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 26 Feb 2019 17:21:21 GMT

GET
H2 200 263063216765
collecte.audience.acpm.fr/m/web/ 35 B
204 B 51ms
29ms Image
image/gif 52.210.165.34
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collecte.audience.acpm.fr/m/web/263063216765?n=424190705&tn=on-ts&v=1.0.0
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.165.34 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-210-165-34.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.37 (Amazon) /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 26 Feb 2019 17:21:21 GMT
server: Apache/2.4.37 (Amazon)
content-length: 35
content-type: image/gif

GET
H2 200 iab Show response
api.skimlinks.mgr.consensu.org/ 772 B
652 B 54ms
19ms XHR
application/json 35.190.40.172
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.skimlinks.mgr.consensu.org/iab

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/121953X1584899.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

172.40.190.35.bc.googleusercontent.com

Software

nginx/1.14.0 /

Resource Hash

4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

date: Tue, 26 Feb 2019 17:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.14.0
access-control-allow-headers: *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

GET
H2

200

/
p.skimresources.com/ Frame C61B
Redirect Chain

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=761fb60e8eccded9344de11038a19034
https://p.skimresources.com/?provider_id=761fb60e8eccded9344de11038a19034&skim_mapping=true

43 B
269 B

19ms
18ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=761fb60e8eccded9344de11038a19034&skim_mapping=true
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:22 GMT
status: 200
x-guploader-uploadid: AEnB2UrYBQy4OatnePtD-SX_rBlM8rYyGMxhVsYjLkYVmrA7G7jX--IaPZd_ASZhQUWk8ZZUzlWMkLbFxscIJw85o-URz9v-UjZA3ABNGDmXSkBm_1_Q0Q4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1551201682.cds020.pa1.hn,1551201682.cds034.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=761fb60e8eccded9344de11038a19034&skim_mapping=true
Date: Tue, 26 Feb 2019 17:21:22 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK data-registering
ads.stickyadstv.com/ 43 B
1 KB 164ms
39ms Image
image/gif 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/data-registering?dataProviderId=151&d1=1&d10=4&d11=5&d12=3&d2=1&d13=3&d3=5&d4=7&d7=2&d8=2&d9=1&i46=3&i21=3&i13=3&i3=3&i10=3&i11=3&i17=4&i18=3&i15=3&i36=3&i1=3&i14=3&i28=3&i26=3&i27=3&i29=3&i48=3&i12=3&i16=3&g1=0&g2=1&g3=1&g4=1&g5=1&n1=0&n2=0&n3=0&n4=1&n5=1&n6=1&n7=0&n8=1&n9=1&f2=0&h1=1&h2=1&h3=1&h4=0&h5=1&h6=0&h7=1&h8=1&h9=1&h10=0&h11=1&h12=0&h13=1&h14=0&h15=1&h16=1&h17=1&qc=0&ex=1&eb=1&ad=7&sb=1&on=7&c2=7&c3=6&c4=5
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:21 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1551201681632073-116
Expires: Tue, 26 Feb 2019 17:21:21 GMT

GET
H/1.1 200
OK data-registering
ads.stickyadstv.com/ 43 B
670 B 170ms
44ms Image
image/gif 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/data-registering?dataProviderId=681&alli=0&allitest=1
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:21 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1551201681689069-165
Expires: Tue, 26 Feb 2019 17:21:21 GMT

GET
H/1.1

204
No Content

syncuid
fw-sync.nuggad.net/
Redirect Chain

https://ads.stickyadstv.com/data-registering?dataProviderId=866&redirectId=1394
https://fw-sync.nuggad.net/syncuid?dpid=6726&uid=ba44b91aca6a1fd2963781c6b22fd1dc

0
202 B

210ms
26ms

Image
text/plain

80.82.201.86
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fw-sync.nuggad.net/syncuid?dpid=6726&uid=ba44b91aca6a1fd2963781c6b22fd1dc
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 80.82.201.86 Berlin, Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS: pbtngs-nuggad.unbelievable-machine.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204 No Content
date: Tue, 26 Feb 2019 17:21:22 GMT
cache-control: no-store,no-cache
server: Apache
Connection: close
p3p: CP="NOI DSP COR NID ADMa OTPa OUR NOR"

Redirect headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:21 GMT
Server: nginx
Location: https://fw-sync.nuggad.net/syncuid?dpid=6726&uid=ba44b91aca6a1fd2963781c6b22fd1dc
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1551201681704049-153
Expires: Tue, 26 Feb 2019 17:21:21 GMT

GET
H/1.1

204
No Content

syncuid
appn-sync.nuggad.net/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fappn-sync.nuggad.net%2Fsyncuid%3Fdpid%3D7906%26o%3Dl%26uid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fappn-sync.nuggad.net%252Fsyncuid%253Fdpid%253D7906%2526o%253Dl%2526uid%253D%2524UID
https://appn-sync.nuggad.net/syncuid?dpid=7906&o=l&uid=1224776746655146658

0
202 B

216ms
24ms

Image
text/plain

80.82.201.94
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://appn-sync.nuggad.net/syncuid?dpid=7906&o=l&uid=1224776746655146658
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 80.82.201.94 Berlin, Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204 No Content
date: Tue, 26 Feb 2019 17:21:22 GMT
cache-control: no-store,no-cache
server: Apache
Connection: close
p3p: CP="NOI DSP COR NID ADMa OTPa OUR NOR"

Redirect headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:24 GMT
AN-X-Request-Uuid: 52bca9de-3a58-4571-8f97-4489b90e0d43
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://appn-sync.nuggad.net/syncuid?dpid=7906&o=l&uid=1224776746655146658
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 309.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.199:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ps-ut-draw.min.js Show response
abs.proxistore.com/scripts/ 7 KB
3 KB 60ms
9ms Script
application/javascript 18.197.71.228
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://abs.proxistore.com/scripts/ps-ut-draw.min.js?v=1551201681607
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.71.228 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-197-71-228.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: 87b337386d6a392e2e92c942a70d235df1db3117b3e0dc9b35a21f0160eaafc8

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 17:21:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Jan 2019 16:01:52 GMT
Server: nginx/1.10.2
ETag: W/"5c49e170-1bbb"
Vary: Accept-Encoding
Content-Type: application/javascript
X-server: nginx2
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2884

GET
H/1.1 200
OK 5bcdbee2ad82d80378b4b4d2 Show response
api.pxlad.io/players/ 886 B
1 KB 477ms
122ms XHR
application/json 52.205.21.136
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pxlad.io/players/5bcdbee2ad82d80378b4b4d2?fields=config
Requested by: Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.21.136 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-205-21-136.compute-1.amazonaws.com
Software: /
Resource Hash: 7d2797aec02b71f4a720fd4e702da67083cd528ba77f634c2ae9f4a9829b3a0b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

Date: Tue, 26 Feb 2019 17:21:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Oct 2018 12:13:41 GMT
Vary: Origin
Access-Control-Allow-Methods: HEAD, OPTIONS, POST, DELETE, GET, PUT, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Cache: EXPIRED
Access-Control-Allow-Headers: Authorization, X-HTTP-Method-Override, Content-Type, Accept
Content-Length: 442
Access-Control-Expose-Headers

GET
H2 200 app.min.js Show response
api.dmcdn.net/pxl/cpe/ 126 KB
23 KB 33ms
32ms Script
application/javascript 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dmcdn.net/pxl/cpe/app.min.js

Requested by

Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.186.59 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-186-59.deploy.static.akamaitechnologies.com

Software

DMS/1.0.42 /

Resource Hash

f1e72890066210f94acdac1ce39e6f2ffac0698663663f82ac381aa7846daf11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31708800; includeSubDomains

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31708800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 12 Jan 2019 20:34:25 GMT
server: DMS/1.0.42
x-amz-request-id: 504AE43A135B74C6
etag: "870c2e2426ee45a0b61b28fd1f3eca5f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1200
date: Tue, 26 Feb 2019 17:21:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22839
x-amz-id-2: 0F1IaHgp/ncWm73f45FAkHPfbUvlHqQ/QRxZFXWjoD3GrDHW3l/aF7fM9AGLNvUyHTtnyhp4a48=

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/marieclairefrance-magicmaman/ 199 KB
23 KB 57ms
10ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/marieclairefrance-magicmaman/loader.js
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ab4ae5f90a7422ac57fa106ba3975f557087eb266bc7223a5ee8310b910c135

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: Q9Sg.lHc_8CvkJw051zqBOtlj.FQkmk7
content-encoding: gzip
age: 25
x-cache: HIT
status: 200
date: Tue, 26 Feb 2019 17:21:22 GMT
x-amz-replication-status: COMPLETED
content-length: 23103
x-amz-id-2: f0RR3FhjpRTH9AgsmBorNKkre6B02j/Apx1+wG1MeiSgChoRBz/5y0GsXBmBlIvupEOLaj/b68A=
x-served-by: cache-hhn1531-HHN
last-modified: Mon, 25 Feb 2019 15:07:15 GMT
server: AmazonS3
x-timer: S1551201682.147957,VS0,VE1
etag: "2c716f66b487dab78e947821a733e182"
vary: Accept-Encoding
x-amz-request-id: 8C6170789B503186
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 80
x-cache-hits: 1

GET
H2 200 ping
www.facebook.com/connect/ Frame 2F6B 0
0 40ms
38ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/connect/ping?client_id=296955010358382&domain=clients.clientarea.action.wpl-csa.info&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FMmH55ZI0Z2G.js%3Fversion%3D44%23cb%3Df3501ee8b8142e%26domain%3Dclients.clientarea.action.wpl-csa.info%26origin%3Dhttps%253A%252F%252Fclients.clientarea.action.wpl-csa.info%252Ff27b1bad45731bc%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=06447acd192a425a48560cf493399330&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /connect/ping?client_id=296955010358382&domain=clients.clientarea.action.wpl-csa.info&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FMmH55ZI0Z2G.js%3Fversion%3D44%23cb%3Df3501ee8b8142e%26domain%3Dclients.clientarea.action.wpl-csa.info%26origin%3Dhttps%253A%252F%252Fclients.clientarea.action.wpl-csa.info%252Ff27b1bad45731bc%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://clients.clientarea.action.wpl-csa.info/
accept-encoding: gzip, deflate, br
cookie: fr=0RHT3xeojlVhn6GdM..BcdXWR...1.0.BcdXWR.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: FpzQO3ti9YmYHmvdMkyuDLLX5gIahlM40S+CiDvo0S3NQ955BP+VA9nSQX+RQnaKGaXwHkGwNnvHj8ZeAcJnbQ==
date: Tue, 26 Feb 2019 17:21:22 GMT

POST
H2 200 link Show response
t.skimresources.com/api/ 22 B
425 B 62ms
28ms XHR
application/javascript 35.201.67.47
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/121953X1584899.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:22 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H2

200

/
p.skimresources.com/ Frame C61B
Redirect Chain

https://x.skimresources.com/?provider=exelate
https://loadeu.exelator.com/load/?p=787&g=001&j=0&
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=7b7e1163a01fc2193776ba5e4171da67
https://p.skimresources.com/?provider_id=7b7e1163a01fc2193776ba5e4171da67&skim_mapping=true

43 B
166 B

18ms
18ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=7b7e1163a01fc2193776ba5e4171da67&skim_mapping=true
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
status: 200
x-guploader-uploadid: AEnB2UrYBQy4OatnePtD-SX_rBlM8rYyGMxhVsYjLkYVmrA7G7jX--IaPZd_ASZhQUWk8ZZUzlWMkLbFxscIJw85o-URz9v-UjZA3ABNGDmXSkBm_1_Q0Q4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1551201683.cds020.pa1.hn,1551201683.cds034.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=7b7e1163a01fc2193776ba5e4171da67&skim_mapping=true
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57BMPX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 2989
date: Tue, 26 Feb 2019 16:31:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Tue, 26 Feb 2019 18:31:33 GMT

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame 5855 0
0 152ms
31ms Document
text/html 34.252.154.128
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=378052475&gdpr=&gdpr_consent=&url=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&bpid=groupemarieclaire&c=%7B%22bpid%22%3A%22groupemarieclaire%22%2C%22loc%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%221%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%223046%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.154.128 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-154-128.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://clients.clientarea.action.wpl-csa.info/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Tue, 26 Feb 2019 17:21:21 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AYjHnKRfB49Ao%2FA4k3s4YYc0Z4Dy8ngnY;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAkCDISJAgyEgAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 481
Connection: keep-alive

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 66 KB
19 KB 81ms
20ms Script
application/javascript 99.86.1.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/6300/smart.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.1.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-1-198.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 6c907da4662bfa1b8ca7c2ba82cda7d18711c7c9c37fc508ada4a9b827606065

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 16:37:19 GMT
Content-Encoding: gzip
Server: Server
Age: 2643
ETag: 989a400f0fafe5de516ed94ad84de850
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: f-De7UjN8d_XEX8EJykT6r0BFFuv-uubEK2kDoF27HrVcpLd9E1G-A==

GET
H/1.1 200
OK prebid.js Show response
tagmanager.smartadserver.com/50/ 129 KB
41 KB 9ms
7ms Script
application/javascript 2.19.46.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/50/prebid.js
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/6300/smart.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.19.46.9 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-46-9.deploy.static.akamaitechnologies.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 58b6ccc544f10dc71ad2f72f3fdb219879016b717f78cd1683e303208f0f607e

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 17:21:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Oct 2018 12:04:51 GMT
Server: Apache/2.4.10 (Debian)
ETag: "2058b-5792086da807b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=478
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41102
Expires: Tue, 26 Feb 2019 17:29:20 GMT

GET
H2 200 / Show response
r.skimresources.com/api/ 184 B
439 B 23ms
21ms Script
application/javascript 35.190.59.101
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?callback=skimlinksBeaconAuxCallback&data=%7B%22pubcode%22%3A%22121953X1584899%22%2C%22page%22%3A%22https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F%22%2C%22domains%22%3A%5B%22magicmaman.com%22%2C%22laboratoires-klorane.fr%22%2C%22phyto.fr%22%2C%22ducray.com%22%2C%22fr.puressentiel.com%22%2C%22fr.eugeneperma-professionnel.com%22%2C%22renefurterer.com%22%2C%22aroma-zone.com%22%2C%22yves-rocher.fr%22%5D%7D

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/121953X1584899.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

d7f05e8c19f960a57f6e6a5504632af4af52fff4400e9f355d6338b925a529b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:22 GMT
via: 1.1 google
x-content-type-options: nosniff
server: openresty/1.11.2.5
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
access-control-allow-credentials: true
content-type: application/javascript
alt-svc: clear

POST
H2 200 /
www.facebook.com/tr/ Frame 8786 0
0 6ms
5ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 5012
pragma: no-cache
cache-control: no-cache
origin: https://clients.clientarea.action.wpl-csa.info
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://clients.clientarea.action.wpl-csa.info/
accept-encoding: gzip, deflate, br
cookie: fr=0RHT3xeojlVhn6GdM..BcdXWR...1.0.BcdXWR.
Origin: https://clients.clientarea.action.wpl-csa.info
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
access-control-allow-credentials: true
content-length: 0
server: proxygen-bolt
date: Tue, 26 Feb 2019 17:21:22 GMT

GET
H/1.1 200
OK 5bcdbee2ad82d80378b4b4d2 Show response
api.pxlad.io/players/ 2 KB
2 KB 639ms
637ms XHR
application/json 52.205.21.136
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pxlad.io/players/5bcdbee2ad82d80378b4b4d2?p={}
Requested by: Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.21.136 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-205-21-136.compute-1.amazonaws.com
Software: /
Resource Hash: 1f5e8d521ee5a51c0e159704be70ef7d386dbced97831af0d463a827cf4b08cb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

Date: Tue, 26 Feb 2019 17:21:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Oct 2018 12:13:41 GMT
Vary: Origin
Access-Control-Allow-Methods: GET, PUT, OPTIONS, DELETE, HEAD, PATCH, POST
Content-Type: application/json
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Access-Control-Max-Age: 0
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Cache: EXPIRED
Access-Control-Allow-Headers: Authorization, X-HTTP-Method-Override, Content-Type, Accept
Content-Length: 991
Access-Control-Expose-Headers

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1866395060&t=event&ni=1&_s=1&dl=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&dr=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5468943-1&cid=343681385.1551201683&jid=1736023373&_gid=553749664.1551201683&gjid=610353240&_v=j73&z=99490017

35 B
102 B

22ms
15ms

Image
image/gif

2a00:1450:400c:c08::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5468943-1&cid=343681385.1551201683&jid=1736023373&_gid=553749664.1551201683&gjid=610353240&_v=j73&z=99490017

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 26 Feb 2019 17:21:23 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5468943-1&cid=343681385.1551201683&jid=1736023373&_gid=553749664.1551201683&gjid=610353240&_v=j73&z=99490017
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 414
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=1866395060&t=event&ni=1&_s=1&dl=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&dr=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&ul=en-us&de=UTF-8&dt=Traitement%20chute%20de%20cheveux%20%3A%2010%20produits%20qui%20marchent%20vraiment%20!%20-%20Magicmaman.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Appel%20Bloc&ea=Taboola&el=page&_u=YEDAAEAB~&jid=&gjid=&cid=343681385.1551201683&tid=UA-5468943-1&_gid=553749664.1551201683&gtm=2wg24157BMPX&cd1=large&cd2=3046_Femme&cd3=3047_Beaut%C3%A9%20femme&cd4=647_Cheveux&cd5=4&cd6=19_Galeriephoto&cd7=1_Moteur-de-recherche&cd8=1_R%C3%A9daction&cd9=0&cd10=2014-04-23&cd11=8801&cd12=2015-07-22&cd13=1948116&z=2079391604

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Feb 2019 11:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1145732
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
7ms Image
image/gif 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Feb 2019 11:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1145732
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.347-155-RELEASE.js Show response
cdn.taboola.com/libtrc/ 350 KB
100 KB 9ms
8ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.347-155-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/marieclairefrance-magicmaman/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 527e09cbcaa72193cb767384540d6eb179b98dae30c7c1c0fd6d52c62d56eaf7

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: sDKsHba6s4yeC2Azdk6B0U2Z1kjHJu9o
content-encoding: gzip
age: 69
x-cache: HIT
status: 200
date: Tue, 26 Feb 2019 17:21:22 GMT
x-amz-replication-status: COMPLETED
content-length: 101775
x-amz-id-2: vzM9ZNR9fV0S98zRgkPxlJfEkJSZZn0mEe1wTPmwU3QxNjnZ1KLr1LaYbQTTYFhEzbVULhlX+Dk=
x-served-by: cache-hhn1531-HHN
last-modified: Tue, 26 Feb 2019 17:20:09 GMT
server: AmazonS3
x-timer: S1551201683.966158,VS0,VE0
etag: "64577650d1e7f7eb68e8fa7dc257f63b"
vary: Accept-Encoding
x-amz-request-id: A86B9D676941771D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 80
x-cache-hits: 1144

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
988 B 9ms
8ms Script
application/x-javascript 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/marieclairefrance-magicmaman/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f09d28c6d05e389e95b125856fbf54614eafd3643ed5086062175baae062e83

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 17:21:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 707
Expires: Wed, 27 Feb 2019 17:21:22 GMT

POST
H2 200 track.php Show response
t.skimresources.com/api/ 22 B
92 B 26ms
25ms XHR
application/javascript 35.201.67.47
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/track.php

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/121953X1584899.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H2 204 prebid Show response
ad.piximedia.com/ 0
804 B 112ms
39ms XHR
text/plain 52.48.212.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.piximedia.com/prebid?timestamp=1551201683034&pver=1.0&pbparams=%7B%22siteId%22%3A%22MAGICMAMAN%22%2C%22placementId%22%3A%22RG_NEW%22%2C%22currency%22%3A%22EUR%22%7D&pbwidth=970&pbheight=250&pbbidid=270c199991041b&
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.212.112 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-212-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
last-modified: Tue, 26 Feb 2019 17:21:22 GMT
status: 204
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=1
access-control-allow-credentials: true
expires: Fri, 01 Jan 2010 05:00:00 GMT

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
236 B 79ms
18ms XHR
text/plain 178.250.2.89
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=11&wv=1.25.0-pre&cb=32874954012
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 178.250.2.89 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Date: Tue, 26 Feb 2019 17:21:22 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Timing-Allow-Origin: *
Vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
2 KB 240ms
119ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=882692&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=5ac8ebe1-d727-4f93-b421-eb5ddcdb5902&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.09813969843379855
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 89ca32663880fa51e63672109926de3024e268819d4df5cd56dcd88786554e07

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
2 KB 201ms
81ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=1047344&size_id=2&alt_size_ids=57&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=5399ddca-9bd3-42bd-9d75-80b8b79a9d98&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3571667775253098
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 7d5ed2356a654f3eb226c68062fdf9fbf19a2a21292a3bec95e9bfd8fe189234

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=4
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 254 B
2 KB 249ms
130ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=882686&size_id=2&alt_size_ids=57&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=12d1c9d2-c05b-4e61-98cd-f0c523810ae8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.16107230414638152
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 50c8e1f23cdd3d0c7b44a89247d68f18babcfa46b4f7d71d6e3555ee67fdfd9c

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=7
Content-Length: 254
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
2 KB 216ms
98ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=1047344&size_id=2&alt_size_ids=57&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=e4f912cb-952f-4336-aa4a-4d4e1a809059&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6242399130084522
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 4a8279eeeced0735e6ea5572bf6f85d55c0c7609b1883aa4bde18fc35e7e533a

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
www.audiencemanager.de/ 1 KB
960 B 184ms
83ms XHR
application/x-javascript 54.246.183.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.audiencemanager.de/hb
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.183.183 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-183-183.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 / PHP/7.2.9
Resource Hash: 5b3a79ba4bd1785e3b540331397efac1b5ac4fd3778cdcc11a89a5bdabb837f9

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
content-encoding: gzip
x-powered-by: PHP/7.2.9
requestid: e3d16e673c5540ab1de86ef9a39c0798
p3p: CP="NID DSP ALL COR"
status: 200, 200 OK
content-length: 432
server: Apache/2.4.34 (Unix) PHP/7.2.9
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/x-javascript
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
access-control-allow-credentials: true
hostname: 10-0-14-210#slave11
responsetime: 52
access-control-allow-headers: Content-Type, *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 4 KB
2 KB 131ms
82ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

7f590a1dff49c2831f059e2d3e3fee8c11021197a7729bb3ed749d564c558546

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 26 Feb 2019 17:21:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.13:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1e22b357-b38e-412a-81c8-8cc88971ff5b
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 32 KB
6 KB 180ms
132ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

1f78383878fcf31a2093c2e021cd27b4b20fbc2e6b4ecb9e78762245506d2fc4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 26 Feb 2019 17:21:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.138:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e44c8741-4f24-446d-a0ac-ff27d8433ac8
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 378 B
1 KB 78ms
30ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

5e8a84182c43ff1bf670d8e776a51ec46c8d984cffafd970511d745823db8786

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:25 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.73:80
AN-X-Request-Uuid: 96665092-d877-46e5-9b50-a60ac67796f9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 496 B
1 KB 78ms
30ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

6d28cfdba0a90d02acc932a26e81bf2f55c2740669472025881a41dad19058c0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:25 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.8:80
AN-X-Request-Uuid: bf9b0d14-8ec6-4ba3-9f05-8b9bb4716b1a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 496
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 232ms
115ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=882640&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=5ac8ebe1-d727-4f93-b421-eb5ddcdb5902&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.56846930433909
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: deedabfdc2f3738f0a5486916209a32c8298cc469fe189ce3aa3f51c0d329421

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 178ms
59ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=1047346&size_id=2&alt_size_ids=57&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=5399ddca-9bd3-42bd-9d75-80b8b79a9d98&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6581612407251061
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 44edcff44255324b4be24d060012759a05c240894ccca23a396c1cabb4f13191

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=5
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 258 B
2 KB 299ms
121ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=882632&size_id=2&alt_size_ids=57&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=12d1c9d2-c05b-4e61-98cd-f0c523810ae8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.56524093881632
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 95556dd2a4af40061c725ceed08d55311b71a94aad4d3907a740cc2a9a784e19

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 258
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
2 KB 363ms
169ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9585&site_id=180832&zone_id=1047346&size_id=2&alt_size_ids=57&p_pos=unknown&rf=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&tk_flint=pbjs_lite_v1.25.0-pre&x_source.tid=e4f912cb-952f-4336-aa4a-4d4e1a809059&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.09851135404999023
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: ac47869b95fa7ef69f36426bf19d21f50af565ba19e807410dd976062457c6fd

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 7 KB
4 KB 76ms
29ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/50/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

9b05913f1856b7c5779a0b218cff4a1cf10665cb9901d55e63190920fabd5ce6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 26 Feb 2019 17:21:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 15f7d5e2-9fed-4d97-8983-8161bab1d46a
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
248 B 11ms
10ms Image
text/plain 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&rn=0.09221872788720709&c7=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&c3=20121515121&c4=&c5=&c6=&c10=&c15=&c16=&c8=Traitement%20chute%20de%20cheveux%20%3A%2010%20produits%20qui%20marchent%20vraiment%20!%20-%20Magicmaman.com&c9=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&cv=1.8
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
248 B 18ms
7ms Image
text/plain 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=6820648&rn=0.8647511653179389&c7=https%3A%2F%2Fclients.clientarea.action.wpl-csa.info%2F&c3=1&c4=&c5=&c6=&c10=&c15=&c16=&c8=Traitement%20chute%20de%20cheveux%20%3A%2010%20produits%20qui%20marchent%20vraiment%20!%20-%20Magicmaman.com&c9=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&cv=1.8
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:23 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 35ms
11ms XHR
application/javascript 99.86.1.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.1.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-1-198.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info

Response headers

Date: Tue, 26 Feb 2019 16:40:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 2460
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 24 Aug 2018 07:13:51 GMT
Server: AmazonS3
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Id: AdiSjjpsMqf5-GzASUYjB-blo8rmiS7Jm_UZrSub0rED71yc9eaafA==

GET
H2 200 json Show response
trc.taboola.com/marieclairefrance-magicmaman/trc/3/ 14 KB
6 KB 131ms
110ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/marieclairefrance-magicmaman/trc/3/json?tim=17%3A21%3A23.134&data=%7B%22id%22%3A755%2C%22ii%22%3A%22%2F%2Ctraitement-chute-de-cheveux%2C2442730.asp%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1551201683122%2C%22cv%22%3A%22347-155-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.magicmaman.com%2F%2Ctraitement-chute-de-cheveux%2C2442730.asp%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A1%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F%22%2C%22bad%22%3A-1%2C%22bw%22%3A1600%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-e%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A8229.5%2C%22mw%22%3A1000%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22organic-thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Organic%20Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Organic%20Below%20Article%20Thumbnails%22%2C%22cd%22%3A8308.5%2C%22mw%22%3A1000%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22normal%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.347-155-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d8cff4993ef9ef831c326127133acad5024aa2623b06f767291ff818151c21c

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-hhn1531-HHN
server: nginx
x-timer: S1551201683.163061,VS0,VE100
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 tb Show response
15.taboola.com/ 20 KB
20 KB 76ms
21ms Script
text/html 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=marieclairefrance-magicmaman&unitType=226&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=&cisrf=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&cirf=https%3A%2F%2Fwww.magicmaman.com%2F%2Ctraitement-chute-de-cheveux%2C2442730.asp&encoded=1&uid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&variant=-100|1009&callback=TRC.videoTagCallbacks.videoCallback1&cb=1551201683287&tagid=&cntry=DE&platform=1&sesid=633181f1454fccbb00d23ed94f7a03f2&itemid=/,traitement-chute-de-cheveux,2442730.asp&viewid=1551201683122&geolat=&geoing=&deviceifa=&appid=&sd=v2_633181f1454fccbb00d23ed94f7a03f2_dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13_1551201683_1551201683_CJa80hQQx9U9GLKNzdaSLSABKAEwODib4wlAhIoQSLC4E1Cj7BBYAGAA&ri=cb099bbd9b5defe7fb9bd54cd74db967&appname=&cdb=&gdprApplies=&sii=3175557049226826025
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.347-155-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: b46dbd31f267050b4c500764c95f725dd44e8054623fdd38bf431d8b80c06b8f

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201683.348526,VS0,VE12
machineid: 1430
x-served-by: cache-hhn1550-HHN
x-cache: MISS
content-type: text/html;charset=ISO-8859-1
status: 200
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
x-cache-hits: 0
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 userx.347-155-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 20 KB
7 KB 8ms
8ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.347-155-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/marieclairefrance-magicmaman/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 952f64cf7b26e4eb1ab92074cb01c945a422f0c4a509c18e16b41810cfbbecca

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: SNI3P.DhxMc8vm6XDYSEu0bodSn.OX1B
content-encoding: gzip
age: 37
x-cache: HIT
status: 200
date: Tue, 26 Feb 2019 17:21:23 GMT
x-amz-replication-status: PENDING
content-length: 6685
x-amz-id-2: OSTHALh3RTJF1VK6eynGZLBkVa9HUSH0tL13+r3+9tr5iXczCAGfRb4NbqEpbEaSDO6GQo1kOEc=
x-served-by: cache-hhn1531-HHN
last-modified: Tue, 26 Feb 2019 17:20:45 GMT
server: AmazonS3
x-timer: S1551201683.292173,VS0,VE0
etag: "ed0a04f656ce5e74a91237134d89de81"
vary: Accept-Encoding
x-amz-request-id: 24841A38F52B3201
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 213

GET
H2

204

rtb-h
trc.taboola.com/sg/exposebox-network/1/ Frame 48E3
Redirect Chain

https://server.exposebox.com/rcm
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_e8dj140

0
50 B

16ms
15ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_e8dj140
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201683.354912,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1531-HHN

Redirect headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 google
x-powered-by: Express
location: //trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_e8dj140
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
cache-control: max-age:0
alt-svc: clear
expires: 0

GET
H2

204

rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame 48E3
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ae522fbd-0d64-41f6-8dd5-f2d04758530d

0
199 B

20ms
15ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ae522fbd-0d64-41f6-8dd5-f2d04758530d
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201684.785758,VS0,VE9
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1531-HHN

Redirect headers

Location: //trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ae522fbd-0d64-41f6-8dd5-f2d04758530d
Date: Tue, 26 Feb 2019 17:21:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 48E3
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://tags.bluekai.com/site/38310?id=EvFeKqeXsP8KaAKNshBscqb2yH1pJ2EUgg6L-4yXrpo%3D&redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DEvFeKqeXsP8KaAKN...
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=EvFeKqeXsP8KaAKNshBscqb2yH1pJ2EUgg6L-4yXrpo%3D

45 B
95 B

17ms
16ms

Image
image/gif

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=EvFeKqeXsP8KaAKNshBscqb2yH1pJ2EUgg6L-4yXrpo%3D
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201684.963055,VS0,VE9
x-cache: MISS
status: 200
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1531-HHN

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=EvFeKqeXsP8KaAKNshBscqb2yH1pJ2EUgg6L-4yXrpo%3D
Date: Tue, 26 Feb 2019 17:21:23 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 795f
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

rtb-h
match.taboola.com/sg/appnexus-network/1/ Frame 48E3
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1224776746655146658
https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=1224776746655146658&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D1224776746655146658

0
52 B

37ms
16ms

Image
text/plain

151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=1224776746655146658&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D1224776746655146658
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201683.385870,VS0,VE9
x-served-by: cache-hhn1550-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201683.348168,VS0,VE8
location: https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=1224776746655146658&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D1224776746655146658
x-cache: MISS
status: 302
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn1531-HHN

GET
H2

204

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 48E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA3r3eBdLGTm23KGlJIoCPs&google_cver=1

0
50 B

18ms
16ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA3r3eBdLGTm23KGlJIoCPs&google_cver=1
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201683.348195,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1531-HHN

Redirect headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:23 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA3r3eBdLGTm23KGlJIoCPs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 304
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame 48E3
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1224776746655146658

0
214 B

18ms
16ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1224776746655146658
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201683.348178,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1531-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:25 GMT
AN-X-Request-Uuid: 53367871-732e-4d6a-af15-7e025c7908b8
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1224776746655146658
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.74:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame 48E3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7669af72-95f1-4cbe-8dfa-3032f165e5a3
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=7669af72-95f1-4cbe-8dfa-3032f165e5a3&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D7669af72-95f1-4cbe...

0
52 B

38ms
16ms

Image
text/plain

151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=7669af72-95f1-4cbe-8dfa-3032f165e5a3&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D7669af72-95f1-4cbe-8dfa-3032f165e5a3
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201683.385888,VS0,VE9
x-served-by: cache-hhn1550-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201683.348238,VS0,VE9
location: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=7669af72-95f1-4cbe-8dfa-3032f165e5a3&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D7669af72-95f1-4cbe-8dfa-3032f165e5a3
x-cache: MISS
status: 302
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn1531-HHN

GET
H2

200

rtb-h
match.taboola.com/sg/storygize-network/1/ Frame 48E3
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=3eaf2dd6-5697-42b2-b296-80782daeed46
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=3eaf2dd6-5697-42b2-b296-80782daeed46&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D3eaf2dd6-5697-42b2-b2...

0
52 B

17ms
15ms

Image
text/plain

151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=3eaf2dd6-5697-42b2-b296-80782daeed46&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D3eaf2dd6-5697-42b2-b296-80782daeed46
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:24 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201684.271150,VS0,VE9
x-served-by: cache-hhn1550-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Tue, 26 Feb 2019 17:21:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201684.253457,VS0,VE8
location: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=3eaf2dd6-5697-42b2-b296-80782daeed46&tbid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13&query=taboola_hm%3D3eaf2dd6-5697-42b2-b296-80782daeed46
x-cache: MISS
status: 302
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn1531-HHN

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 48E3 35 B
383 B 705ms
110ms Image
image/gif 192.132.33.27
Bidtellect Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.27 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS: 27.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-ServerName: track005-dc3-va
Pragma: no-cache
Date: Tue, 26 Feb 2019 17:21:08 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET

sync
rtb.4finance.com/ Frame 48E3
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=f1a00eea-88ae-4858-aa85-42c1bda9bad5&bsw_param=f1a00eea-88ae-4858-aa85-42c1bda9bad5

0
0

POST
H2 204 available Show response
trc.taboola.com/marieclairefrance-magicmaman/log/3/ 0
116 B 17ms
16ms XHR
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/marieclairefrance-magicmaman/log/3/available
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.347-155-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201683.322969,VS0,VE9
x-served-by: cache-hhn1531-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 959ae680423863540a545ed3eae50fee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 29ms
7ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/959ae680423863540a545ed3eae50fee.jpg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0cd548e059e8998174c57fe724253943fc0cd8556fdf250bd91b3777ad5cf720

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 525883
x-cache: HIT
status: 200
expiration: expiry-date="Tue, 26 Feb 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/959ae680423863540a545ed3eae50fee.jpg
content-length: 23741
x-served-by: cache-hhn1531-HHN
last-modified: Sat, 26 Jan 2019 04:15:53 GMT
server: cloudinary
x-timer: S1551201683.396677,VS0,VE0
etag: "a62368f378e1924d31c1b8f62a769b0d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 15

GET
H2 200 fdaeaacda32a96de7fd9425253f83797.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 8ms
8ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdaeaacda32a96de7fd9425253f83797.png
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3545e4a3dc36705c4facd5a170bc240109e69063e96b3aebed0a82cb2ccb5b04

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 89223
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdaeaacda32a96de7fd9425253f83797.png
content-length: 17644
x-request-id: 64dfb7112c956c34
x-served-by: cache-hhn1531-HHN
last-modified: Sun, 24 Feb 2019 16:19:38 GMT
server: cloudinary
x-timer: S1551201683.403121,VS0,VE0
etag: "6d6156e04820ed5f29b31cda882fb7e5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 8

GET
H2 200 e5f99a10dfbedfa84a2373e5a75d1799.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
18 KB 8ms
8ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5f99a10dfbedfa84a2373e5a75d1799.png
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2cdce9af57afd0a3d1ce45611eedb5ed824f0122875a546cb751b0fdac816c54

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 2070471
x-cache: HIT
status: 200
expiration: expiry-date="Tue, 19 Feb 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5f99a10dfbedfa84a2373e5a75d1799.png
content-length: 18251
x-served-by: cache-hhn1531-HHN
last-modified: Sat, 19 Jan 2019 20:31:23 GMT
server: cloudinary
x-timer: S1551201683.405233,VS0,VE0
etag: "19c0d55809b314facd60628b4d04a026"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 7

GET
H2 200 7522-1-les-canneles-de-bordeaux.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.petitfute.com/medias/mag/10635/835/ 24 KB
25 KB 8ms
7ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.petitfute.com/medias/mag/10635/835/7522-1-les-canneles-de-bordeaux.jpg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 918ab52aad406b54e87895d7339a15d3a04be6ceda2a6475e2adb9770f547933

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 77121
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.petitfute.com/medias/mag/10635/835/7522-1-les-canneles-de-bordeaux.jpg
content-length: 24840
x-request-id: 254c76efe91851f8
x-served-by: cache-hhn1531-HHN
last-modified: Tue, 05 Feb 2019 08:11:54 GMT
server: cloudinary
x-timer: S1551201683.411781,VS0,VE0
etag: "7020b745eadc91045be9809983819dd2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 2

GET
H2 200 cafd0e6b563cea277d91792b42_A2Y1Y2Q2NmU3OTk0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//photos.desired.de/f3/b5/c2/ 13 KB
13 KB 11ms
10ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//photos.desired.de/f3/b5/c2/cafd0e6b563cea277d91792b42_A2Y1Y2Q2NmU3OTk0.jpg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 108634b324f3e976d3cacd2d8579378e732f1b5fd3f45010e5118b87c2e8c7cb

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 628409
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//photos.desired.de/f3/b5/c2/cafd0e6b563cea277d91792b42_A2Y1Y2Q2NmU3OTk0.jpg
content-length: 13142
x-request-id: 4ec87a56c17909ec
x-served-by: cache-hhn1531-HHN
last-modified: Sat, 02 Feb 2019 14:29:12 GMT
server: cloudinary
x-timer: S1551201683.414633,VS0,VE1
etag: "ddc36e8c9033a49f9b7db0dbb9f1409f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 frisuren-feines-haar-4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/content-marketing-images/GF/frisuren-feines-haar/TABO/ 12 KB
13 KB 9ms
9ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/content-marketing-images/GF/frisuren-feines-haar/TABO/frisuren-feines-haar-4.jpg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6e85226f6be42adaf176ca85916c461b8cb8d225a0c34279ae5b558a36fba983

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 1629447
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/content-marketing-images/GF/frisuren-feines-haar/TABO/frisuren-feines-haar-4.jpg
content-length: 12621
x-request-id: 993e49fa9e39a4e4
x-served-by: cache-hhn1531-HHN
last-modified: Thu, 07 Feb 2019 17:47:37 GMT
server: cloudinary
x-timer: S1551201683.420209,VS0,VE1
etag: "24034b25aea47efa3ac6cbf5bb4a23c4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

POST
H2 204 available Show response
trc.taboola.com/marieclairefrance-magicmaman/log/3/ 0
193 B 16ms
15ms XHR
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/marieclairefrance-magicmaman/log/3/available
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.347-155-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1551201683.324818,VS0,VE8
x-served-by: cache-hhn1531-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 sport-jeune-maman.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cache.magicmaman.com/data/photo/w600_h315_c1/15y/ 10 KB
10 KB 11ms
9ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cache.magicmaman.com/data/photo/w600_h315_c1/15y/sport-jeune-maman.jpg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6bf11ea92828bdff7e3084819ab7cd1ac49a7982795008a3dc3daf2ba56966b2

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 451737
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cache.magicmaman.com/data/photo/w600_h315_c1/15y/sport-jeune-maman.jpg
content-length: 9882
x-request-id: c53056492451226e
x-served-by: cache-hhn1531-HHN
last-modified: Wed, 20 Feb 2019 10:06:00 GMT
server: cloudinary
x-timer: S1551201683.426854,VS0,VE1
etag: "c5d0aa450282ac5a0eafa08a2488f73e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 perte-de-cheveux-accoucheme.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cache.magicmaman.com/data/photo/w200_h200_c18/40/ 9 KB
9 KB 10ms
9ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cache.magicmaman.com/data/photo/w200_h200_c18/40/perte-de-cheveux-accoucheme.jpg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4264e49b8839dc9170dbd4e31665595d4f2230a04ffc3479cbc72323beffd5cf

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 532803
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cache.magicmaman.com/data/photo/w200_h200_c18/40/perte-de-cheveux-accoucheme.jpg
content-length: 8919
x-request-id: 47faaf530db777b6
x-served-by: cache-hhn1531-HHN
last-modified: Wed, 20 Feb 2019 11:08:46 GMT
server: cloudinary
x-timer: S1551201683.434095,VS0,VE1
etag: "dca82e6100965a1984b18082eef3fb19"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 sexe-astro-maman.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cache.magicmaman.com/data/photo/w600_h315_ci/5c/ 15 KB
15 KB 9ms
9ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cache.magicmaman.com/data/photo/w600_h315_ci/5c/sexe-astro-maman.jpg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 83f4156c84ad795c6625e020d1bd6edf8c6b34a8eadb7c6b7a8f05f40506e11e

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
age: 428713
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cache.magicmaman.com/data/photo/w600_h315_ci/5c/sexe-astro-maman.jpg
content-length: 15216
x-request-id: 048571663cba76ae
x-served-by: cache-hhn1531-HHN
last-modified: Thu, 21 Feb 2019 12:38:41 GMT
server: cloudinary
x-timer: S1551201683.437371,VS0,VE1
etag: "2d82534b9d306de59f4bad9e9c9ea252"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
710 B 9ms
9ms Image
image/png 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.347-155-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
age: 27926
x-cache: HIT
status: 200
date: Tue, 26 Feb 2019 17:21:23 GMT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: XvamycYj5i9elo1HIxQVWoqB3bzM0MDs3mgweXjpvYdi7ZZIyzbyvzEvbwKvdJGIx5LiaLJce0k=
x-served-by: cache-hhn1531-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1551201683.338136,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-req: /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
x-amz-request-id: 093E8082E423E036
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 27
x-cache-hits: 205678

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/14_12_0/creatives/ 4 KB
2 KB 84ms
23ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/14_12_0/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.347-155-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10eba73b3641332bde05fa8d6223e7017ac5207673602247c35f358ea89e3092

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Wed, 06 Sep 2017 08:46:00 GMT
server: cloudflare
etag: W/"0df6cb700db4e2c8b3b7dcb734e91cb0"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1499351521
x-amz-meta-gid: 0
cf-ray: 4af41679e9a297a4-FRA
x-amz-cf-id: Me-D5dUM6WfX7T75uCPTYXs3Zssma-IhbfdwRwfHG7oY9YLWlYTIhg==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 st
imprammp.taboola.com/ Frame 159F 0
0 60ms
11ms Document
text/html 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=66297675&ttype=0&cirid=25CFBBA8248463258213438173&cicmp=2022605&cijs=1&dast=V7R3gCFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHG7La0CgUBnEyGo5mm8lqt5gNNpvNbrAYTQFDWGa_76CgnJ4es8sgKrreFrvDafa8YQhNp8Pnutfrfr-72uFzetwOt8Nu1_jdfrHo8nCaXm6X3fTWGF2nl1vkcmuMLtvLdTxLRqPJbjOYKzyHOwAAAAA8AECBrkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAc8GZoAEBxKJDTbHbZLa7Lzx8AAA8BIAAAAwokAAUDGyUAGZABJwAAAAAAAAAALP____8xA_OfSzIAHtzNNwY9AA8-AA9CAAAAWUPJh5nQmDL00UQFlkWMAAAAAHK5jZSPJnVCZVEFAECQbgVwBQAQkKYyfXSZpTso8RYGAAAQIDZDGO3uVrUtPrZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGElOpL0oIIMLvVfgEBANZ-AQEA2NQNAOBNAC7kTNB0Olz3eoXl8nDaXXbT9eH1G51uu9_htestP7_k5Tm9_KIjaMVgsDqCGAyWswMAAAC4-____8ebIYx2d6vaFtcDsc1mMVzMHKPVaObxWCyGwciyWZmco5lvYdjMLNsrsYbg8F4KSe_DEJbZ7zsoKKenx-wyiIqut8XucJo995uwxWg1mWyWw9lyMRkMR8PRaH8CthvgBA2Hg8VusNgtFsPJYjIaLAcLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCIMmXwj08I0WitGlsVatHHY1grXcrZWTTwb58qx3I1ME7fo9TF9ZiubxbHZomAAzV4EF-lE7bA8XR6zw2l52SwPu8flVjt8To_b4XbYLWKJ5mSRTmSXfW2zWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8u-ZPKNTAvTaK0YWRZr0cZhWytcy9laNfFsnCvHcjcyTdyi18f0ma1sFsdm31itFpPBYjbc7Bur1WIyWMyGm32HyjAOho5G8blq7shcOvXk8JQ5DQqXweL9SUyLaXd2EJ18R6fMIa0YG6pvQmE2eAwGRSwRnC7SiehlPF3EEsnTIp1oLIblcmIxOSeukcvm8s0szonJNdqYfKORxTnbTcQSpekinejFosvDaXq5XXbTW2N0nV5ukcutMbpsL9fxLBmNJrvNYK7wHC7qPzrEcDWXTAZz3WAuGUxWCQAAAAAAAABgCXPmTQAAAIBcgAe1412WCOyn3ZOIFA!&excid=22&tst=1&docw=0
Requested by: Host: arrainentzakohimnoak.org
URL: http://arrainentzakohimnoak.org/reste/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=66297675&ttype=0&cirid=25CFBBA8248463258213438173&cicmp=2022605&cijs=1&dast=V7R3gCFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHG7La0CgUBnEyGo5mm8lqt5gNNpvNbrAYTQFDWGa_76CgnJ4es8sgKrreFrvDafa8YQhNp8Pnutfrfr-72uFzetwOt8Nu1_jdfrHo8nCaXm6X3fTWGF2nl1vkcmuMLtvLdTxLRqPJbjOYKzyHOwAAAAA8AECBrkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAc8GZoAEBxKJDTbHbZLa7Lzx8AAA8BIAAAAwokAAUDGyUAGZABJwAAAAAAAAAALP____8xA_OfSzIAHtzNNwY9AA8-AA9CAAAAWUPJh5nQmDL00UQFlkWMAAAAAHK5jZSPJnVCZVEFAECQbgVwBQAQkKYyfXSZpTso8RYGAAAQIDZDGO3uVrUtPrZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGElOpL0oIIMLvVfgEBANZ-AQEA2NQNAOBNAC7kTNB0Olz3eoXl8nDaXXbT9eH1G51uu9_htestP7_k5Tm9_KIjaMVgsDqCGAyWswMAAAC4-____8ebIYx2d6vaFtcDsc1mMVzMHKPVaObxWCyGwciyWZmco5lvYdjMLNsrsYbg8F4KSe_DEJbZ7zsoKKenx-wyiIqut8XucJo995uwxWg1mWyWw9lyMRkMR8PRaH8CthvgBA2Hg8VusNgtFsPJYjIaLAcLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCIMmXwj08I0WitGlsVatHHY1grXcrZWTTwb58qx3I1ME7fo9TF9ZiubxbHZomAAzV4EF-lE7bA8XR6zw2l52SwPu8flVjt8To_b4XbYLWKJ5mSRTmSXfW2zWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8u-ZPKNTAvTaK0YWRZr0cZhWytcy9laNfFsnCvHcjcyTdyi18f0ma1sFsdm31itFpPBYjbc7Bur1WIyWMyGm32HyjAOho5G8blq7shcOvXk8JQ5DQqXweL9SUyLaXd2EJ18R6fMIa0YG6pvQmE2eAwGRSwRnC7SiehlPF3EEsnTIp1oLIblcmIxOSeukcvm8s0szonJNdqYfKORxTnbTcQSpekinejFosvDaXq5XXbTW2N0nV5ukcutMbpsL9fxLBmNJrvNYK7wHC7qPzrEcDWXTAZz3WAuGUxWCQAAAAAAAABgCXPmTQAAAIBcgAe1412WCOyn3ZOIFA!&excid=22&tst=1&docw=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://clients.clientarea.action.wpl-csa.info/
accept-encoding: gzip, deflate, br
cookie: t_gid=dd7d4a44-1d21-4ca6-a596-5b3c9e197d4b-tuct36efb13; __cfduid=df241fbbd3f5d475d87a5d6f116e505781551201683
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://clients.clientarea.action.wpl-csa.info/

Response headers

status: 200
server: nginx/1.13.12
content-type: text/html;charset=ISO-8859-1
accept-ranges: bytes
date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
x-served-by: cache-hhn1550-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1551201684.607330,VS0,VE9

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/20_29_0/infra/ 496 KB
115 KB 15ms
9ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/20_29_0/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/14_12_0/creatives/creative_js.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 105f29b211e2ee97c11e74efce5bffbdf14b19608e222c9261680e27cef79dd6

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Thu, 21 Feb 2019 13:48:22 GMT
server: cloudflare
etag: W/"904488d6f5bc54630165c55a7aa83cc9"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1550756889
x-amz-meta-gid: 0
cf-ray: 4af4167a4a8997a4-FRA
x-amz-cf-id: cOO_TwUVeKKm95e4OQ9n5JKTLkPkmrluOgps73Vc2_gwIvBJsrj70A==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/20_29_0/assets/css/ 26 KB
5 KB 16ms
10ms Stylesheet
text/css 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/20_29_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/14_12_0/creatives/creative_js.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d42c201503dd050f82effff803f8a0423f814c3106fb8a564f295395692b04

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 6bbb9e57107c7a01cb917ee3ce235a9b.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Thu, 21 Feb 2019 13:48:14 GMT
server: cloudflare
etag: W/"6446ee80c97e997194d283e01d185979"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1550756885
x-amz-meta-gid: 0
cf-ray: 4af4167a4a8797a4-FRA
x-amz-cf-id: kNj_QoeMF_DbNXAy990AsqJlrnDbT7ayF5mgfMJSYS2ulIKRAqSxeg==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.5/ 15 KB
5 KB 14ms
13ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.5/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/20_29_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088026269c513598fa4b09ec64981cc0e3f6455089afd46031b28120a5dacf26

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
content-encoding: gzip
last-modified: Mon, 21 Jan 2019 11:55:32 GMT
server: cloudflare
etag: W/"d23ec1775274e058ac836b9c29cc63ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 4af4167b8d5f97a4-FRA
x-amz-cf-id: edOB5IiPVDlgXiQ3KLnUAlXKLwrdUE45uus0YZO_GBrShVTTurvf6g==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/ 536 KB
142 KB 10ms
10ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/20_29_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6bc949f0bf47d067fed3a36087451aa6aab6ad6e18c99d5cdc72c17bbb02b5

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 13:21:37 GMT
server: cloudflare
etag: W/"46ed8d7c2dcc177dd5b32ff073cc7163"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1550496096
x-amz-meta-gid: 0
cf-ray: 4af4167b8d6797a4-FRA
x-amz-cf-id: yA45aFfHvOww3utqKHmUk6Vb4OEL2gq24BjYAtAvduLcDPJhLdUlgA==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 st
convammp.taboola.com/ 0
52 B 44ms
17ms Image
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66297675&crid=5284075&dast=V7JR4CFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHGrLa0CgUBnEyGo5mm8lqOFlsRpvhYrcZwoasNjQKhUGcjIaj2Way2i1mg81msxssRlPAEJbZ7zsoKKenx-wyiIqut8XucJo9bxhC0-nwue71ut_vrnb4nB63w-2w2zV-t18sujycppfbZTe9NUbX6eUWudwao8v2ch3PktFostsM5grP4Q4AAAAADwBQoOsQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgAB7wZGgBQHArkNJtddovr8vMHAMBDAAgAwIACCUDBwEYJQAZkwAkAAAAAAAAAAMv___9_zMD855IMgAd3cw_Agw_AA1GBZREjAAAAgFxuI-WjSZ1QWVQBABCkWwFcAQAEpKlMH2GGAQAABIjNEEa7u1Vti48t0MPi95sddo3f7TIAAAAAAAAAALP_s380IaX6krQgAsxutV9AAIC1X0AAADZ1AwB4E4ALORM0nQ7XvV5huTycdpfddH14_Uan2-53eO16y88veXlOL7_oCFoxGKyOIAaD5ewAAAAA7v7____xZgij3d2qtsX1QGyzWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8v2SqwhOLyXQtL7MIRl9vsOCsrp6TG7DKKi622xO5xmz_0mbDFaTSab5XC2XEwGw9FwNNqfgO0GOEHD4WCxGyx2i8VwspiMBsvBAgViMMEJGY42k9Vot9pNlsPJaDTbTDZI0arVbLQZDFezyWy3Ww0Hw-VohBStWcwmk8VstNxtBsvJaDCcDIcIQybfyLQwjdaKkWWxFm0ctrXCtZytVRPPxrlyLHcj08Qten1Mn9nKZnFstigYQLMXwUU6UTssT5fH7HBaXjbLw-5xudUOn9PjdrgddotYojlZpBPZZV_bbBbDxcwxWo1mHo_FYhiMLJuVyTma-RaGzcyyL5l8I9PCNForRpbFWrRx2NYK13K2Vk08G-fKsdyNTBO36PUxfWYrm8Wx2TdWq8VksJgNN_vGarWYDBaz4WbfoTKMg6GjUXyumjsyl049OTxlToPCZbB4fxLTYtqdHUQn39Epc0grxobqm1CYDR6DQRFLBKeLdCJ6GU8XsUTytEgnGothuZxYTM6Ja-SyuXwzi3Nico02Jt9oZHHOdhOxRGm6SCd6sejycJpebpfd9NYYXaeXW-Rya4wu28t1PEtGo8luM5grPIeL-o8OMVzNJZPBXDeYSwaTVQIAAAAAAAAAWMKceRMAAAAgF-BB7XiXJQL7afckIgU!&cmcv=&pix=31589837&cb=1551201683761&uv=20290&abt=dis_vA&ru=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&unm=WIDGET_ITEM
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201684.805814,VS0,VE8
x-served-by: cache-hhn1550-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 st
convammp.taboola.com/ 0
52 B 43ms
17ms Image
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?cijs=convusmp&ttype=72&cisd=convusmp&cipid=66297675&crid=5284075&dast=V7JR4CFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHGrLa0CgUBnEyGo5mm8lqOFlsRpvhYrcZwoasNjQKhUGcjIaj2Way2i1mg81msxssRlPAEJbZ7zsoKKenx-wyiIqut8XucJo9bxhC0-nwue71ut_vrnb4nB63w-2w2zV-t18sujycppfbZTe9NUbX6eUWudwao8v2ch3PktFostsM5grP4Q4AAAAADwBQoOsQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgAB7wZGgBQHArkNJtddovr8vMHAMBDAAgAwIACCUDBwEYJQAZkwAkAAAAAAAAAAMv___9_zMD855IMgAd3cw_Agw_AA1GBZREjAAAAgFxuI-WjSZ1QWVQBABCkWwFcAQAEpKlMH2GGAQAABIjNEEa7u1Vti48t0MPi95sddo3f7TIAAAAAAAAAALP_s380IaX6krQgAsxutV9AAIC1X0AAADZ1AwB4E4ALORM0nQ7XvV5huTycdpfddH14_Uan2-53eO16y88veXlOL7_oCFoxGKyOIAaD5ewAAAAA7v7____xZgij3d2qtsX1QGyzWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8v2SqwhOLyXQtL7MIRl9vsOCsrp6TG7DKKi622xO5xmz_0mbDFaTSab5XC2XEwGw9FwNNqfgO0GOEHD4WCxGyx2i8VwspiMBsvBAgViMMEJGY42k9Vot9pNlsPJaDTbTDZI0arVbLQZDFezyWy3Ww0Hw-VohBStWcwmk8VstNxtBsvJaDCcDIcIQybfyLQwjdaKkWWxFm0ctrXCtZytVRPPxrlyLHcj08Qten1Mn9nKZnFstigYQLMXwUU6UTssT5fH7HBaXjbLw-5xudUOn9PjdrgddotYojlZpBPZZV_bbBbDxcwxWo1mHo_FYhiMLJuVyTma-RaGzcyyL5l8I9PCNForRpbFWrRx2NYK13K2Vk08G-fKsdyNTBO36PUxfWYrm8Wx2TdWq8VksJgNN_vGarWYDBaz4WbfoTKMg6GjUXyumjsyl049OTxlToPCZbB4fxLTYtqdHUQn39Epc0grxobqm1CYDR6DQRFLBKeLdCJ6GU8XsUTytEgnGothuZxYTM6Ja-SyuXwzi3Nico02Jt9oZHHOdhOxRGm6SCd6sejycJpebpfd9NYYXaeXW-Rya4wu28t1PEtGo8luM5grPIeL-o8OMVzNJZPBXDeYSwaTVQIAAAAAAAAAWMKceRMAAAAgF-BB7XiXJQL7afckIgU!&cmcv=&pix=&cb=1551201683772&uv=20290&abt=dis_vA&ru=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&unm=WIDGET_ITEM
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201684.805864,VS0,VE9
x-served-by: cache-hhn1550-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 20ms
14ms Image
image/png 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-length: 24300
accept-ranges: bytes
x-amz-meta-uid: 0
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: cloudflare
etag: "ead84d746b6ee07ee78dc4243d7349c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-amz-meta-gid: 0
cf-ray: 4af4167bad9297a4-FRA
x-amz-cf-id: AA49VC-2VVjigPkDLOnz4yPStmWQFPZJCLwd2533T4tFfz7GfNRugA==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
892 B 20ms
15ms Image
image/svg+xml 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 44d7d28132a47c2b5760c4ec3dd7aa89.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-encoding: gzip
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: cloudflare
etag: W/"e871e80b457ead7801d3bbe63b25c4fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 4af4167bad9597a4-FRA
x-amz-cf-id: 4K8MxObdQP-M9qbOBJNf8AaTzsqNQqVV5a_CJrK5Q_3wGd7kNAC3gg==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
987 B 14ms
10ms Image
image/svg+xml 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-encoding: gzip
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: cloudflare
etag: W/"ae0344bce724db935e4f7ba6573ee516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 4af4167bad9997a4-FRA
x-amz-cf-id: eIPEy36i1UCrQUTiZEM-tPdnAnNWQdV1aJ9xaZdOTIZIkFFBV0Py2Q==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
794 B 16ms
11ms Image
image/svg+xml 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
content-encoding: gzip
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: cloudflare
etag: W/"3132e8c3bdd274efa7ce1531ec89580d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
cf-ray: 4af4167bad9c97a4-FRA
x-amz-cf-id: mreWhP7cYRDN4ARl_Z_8y3upyQU9bhOJSk9VOdPIf9JdnfMXLAb4rQ==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
874 B 18ms
14ms Image
image/svg+xml 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
content-encoding: gzip
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: cloudflare
etag: W/"b14888c73642ebc29c1451727eb1eb8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
cf-ray: 4af4167bad9e97a4-FRA
x-amz-cf-id: dnkog9Ehb5zJlq15u0jN8y_yZhsr3uZI-3m4CjwCgrxg-AXXxXy06A==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 player.css
vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/assets/ 13 KB
2 KB 11ms
10ms Stylesheet
text/css 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/assets/player.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7b0822fa40be3fb8bcbdfb17574332f6da59adb2ddfe741e277f7240b67daa

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 13:21:38 GMT
server: cloudflare
etag: W/"6f1147dfc105dd8225faf22168ea2b2b"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1550496097
x-amz-meta-gid: 0
cf-ray: 4af4167c1eb997a4-FRA
x-amz-cf-id: WRzCr-sfwnXd4-ehVhMHhTatpZ4bumh3SBvQzqdBNFVs-RCMTWTC4w==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 dsm.js Show response
vidstat.taboola.com/dsm/160/ 4 KB
4 KB 10ms
9ms Script
application/octet-stream 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/dsm/160/dsm.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79256596651fada8387ed50d76563589ef64c5df795204edda4aeca8ace76c96

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Miss from cloudfront
status: 200
content-length: 4246
last-modified: Mon, 25 Feb 2019 14:22:50 GMT
server: cloudflare
etag: "72f9a361f7f042a21cdf4e5c41e42d83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4af4167c1ebc97a4-FRA
x-amz-cf-id: BNeUCmu_cCRSyqdzdIPECaUaqwyWWcDKmJK0rb_gR6IquhI_lSufUg==
expires: Fri, 29 Mar 2019 17:21:23 GMT

GET
H2 200 hjk.js Show response
vidstat.taboola.com/hjk/219/ 3 KB
3 KB 10ms
10ms Script
application/octet-stream 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/hjk/219/hjk.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d3d2f10567dd9dddd7cf29fee3886491cc55a00f2e8cad78d36866ad4ca070f

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
content-length: 2963
last-modified: Tue, 19 Feb 2019 13:31:32 GMT
server: cloudflare
etag: "936c68e2c44725db692b373027dd57c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4af4167c1ebf97a4-FRA
x-amz-cf-id: VTCftZ5VllfRY6OmhCBT0LXqNJJhqJ8RvGjPiKjGc5JGF2lBas0TnA==
expires: Fri, 29 Mar 2019 17:21:23 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
4 KB 152ms
127ms XHR
application/json 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=660&height=371&pubid=169497&tagid=953497&crid=5284075&noaop=2&sortOrderType=0&cb=1551201683862&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=986&pt=-799985574&tz=0&viewable=true&ddast=V7JR4CFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHGrLa0CgUBnEyGo5mm8lqOFlsRpvhYrcZwoasNjQKhUGcjIaj2Way2i1mg81msxssRlPAEJbZ7zsoKKenx-wyiIqut8XucJo9bxhC0-nwue71ut_vrnb4nB63w-2w2zV-t18sujycppfbZTe9NUbX6eUWudwao8v2ch3PktFostsM5grP4Q4AAAAADwBQoOsQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgAB7wZGgBQHArkNJtddovr8vMHAMBDAAgAwIACCUDBwEYJQAZkwAkAAAAAAAAAAMv___9_zMD855IMgAd3cw_Agw_AA1GBZREjAAAAgFxuI-WjSZ1QWVQBABCkWwFcAQAEpKlMH2GGAQAABIjNEEa7u1Vti48t0MPi95sddo3f7TIAAAAAAAAAALP_s380IaX6krQgAsxutV9AAIC1X0AAADZ1AwB4E4ALORM0nQ7XvV5huTycdpfddH14_Uan2-53eO16y88veXlOL7_oCFoxGKyOIAaD5ewAAAAA7v7____xZgij3d2qtsX1QGyzWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8v2SqwhOLyXQtL7MIRl9vsOCsrp6TG7DKKi622xO5xmz_0mbDFaTSab5XC2XEwGw9FwNNqfgO0GOEHD4WCxGyx2i8VwspiMBsvBAgViMMEJGY42k9Vot9pNlsPJaDTbTDZI0arVbLQZDFezyWy3Ww0Hw-VohBStWcwmk8VstNxtBsvJaDCcDIcIQybfyLQwjdaKkWWxFm0ctrXCtZytVRPPxrlyLHcj08Qten1Mn9nKZnFstigYQLMXwUU6UTssT5fH7HBaXjbLw-5xudUOn9PjdrgddotYojlZpBPZZV_bbBbDxcwxWo1mHo_FYhiMLJuVyTma-RaGzcyyL5l8I9PCNForRpbFWrRx2NYK13K2Vk08G-fKsdyNTBO36PUxfWYrm8Wx2TdWq8VksJgNN_vGarWYDBaz4WbfoTKMg6GjUXyumjsyl049OTxlToPCZbB4fxLTYtqdHUQn39Epc0grxobqm1CYDR6DQRFLBKeLdCJ6GU8XsUTytEgnGothuZxYTM6Ja-SyuXwzi3Nico02Jt9oZHHOdhOxRGm6SCd6sejycJpebpfd9NYYXaeXW-Rya4wu28t1PEtGo8luM5grPIeL-o8OMVzNJZPBXDeYSwaTVQIAAAAAAAAAWMKceRMAAAAgF-BB7XiXJQL7afckIgU!&proto=2,3,5,6&dtagid=1675265&dpubid=328475&abtst=dis_vA&mPre=0.033&encoded=1&pstn=vforce2&cirf=https%3A%2F%2Fwww.magicmaman.com&callback=&en=1&wfv=1&cdb=&gdprApplies=false&amp=0&qsz=6
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e9b066995e769204c168bb76fbee094ff0b5943c7ea74b514428c49600a4ec0d

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 26 Feb 2019 17:21:24 GMT
via: 1.1 varnish
machineid: 1404
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 3796
x-served-by: cache-hhn1550-HHN
pragma: no-cache
server: nginx/1.13.12
x-timer: S1551201684.891310,VS0,VE120
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://clients.clientarea.action.wpl-csa.info
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
convammp.taboola.com/ 0
52 B 18ms
16ms Image
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?baseReportD=taboola.com&dataCenter=am&cijs=convusmp&ttype=81&cisd=convusmp&cipid=66297675&crid=5284075&dast=V7JR4CFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHGrLa0CgUBnEyGo5mm8lqOFlsRpvhYrcZwoasNjQKhUGcjIaj2Way2i1mg81msxssRlPAEJbZ7zsoKKenx-wyiIqut8XucJo9bxhC0-nwue71ut_vrnb4nB63w-2w2zV-t18sujycppfbZTe9NUbX6eUWudwao8v2ch3PktFostsM5grP4Q4AAAAADwBQoOsQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgAB7wZGgBQHArkNJtddovr8vMHAMBDAAgAwIACCUDBwEYJQAZkwAkAAAAAAAAAAMv___9_zMD855IMgAd3cw_Agw_AA1GBZREjAAAAgFxuI-WjSZ1QWVQBABCkWwFcAQAEpKlMH2GGAQAABIjNEEa7u1Vti48t0MPi95sddo3f7TIAAAAAAAAAALP_s380IaX6krQgAsxutV9AAIC1X0AAADZ1AwB4E4ALORM0nQ7XvV5huTycdpfddH14_Uan2-53eO16y88veXlOL7_oCFoxGKyOIAaD5ewAAAAA7v7____xZgij3d2qtsX1QGyzWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8v2SqwhOLyXQtL7MIRl9vsOCsrp6TG7DKKi622xO5xmz_0mbDFaTSab5XC2XEwGw9FwNNqfgO0GOEHD4WCxGyx2i8VwspiMBsvBAgViMMEJGY42k9Vot9pNlsPJaDTbTDZI0arVbLQZDFezyWy3Ww0Hw-VohBStWcwmk8VstNxtBsvJaDCcDIcIQybfyLQwjdaKkWWxFm0ctrXCtZytVRPPxrlyLHcj08Qten1Mn9nKZnFstigYQLMXwUU6UTssT5fH7HBaXjbLw-5xudUOn9PjdrgddotYojlZpBPZZV_bbBbDxcwxWo1mHo_FYhiMLJuVyTma-RaGzcyyL5l8I9PCNForRpbFWrRx2NYK13K2Vk08G-fKsdyNTBO36PUxfWYrm8Wx2TdWq8VksJgNN_vGarWYDBaz4WbfoTKMg6GjUXyumjsyl049OTxlToPCZbB4fxLTYtqdHUQn39Epc0grxobqm1CYDR6DQRFLBKeLdCJ6GU8XsUTytEgnGothuZxYTM6Ja-SyuXwzi3Nico02Jt9oZHHOdhOxRGm6SCd6sejycJpebpfd9NYYXaeXW-Rya4wu28t1PEtGo8luM5grPIeL-o8OMVzNJZPBXDeYSwaTVQIAAAAAAAAAWMKceRMAAAAgF-BB7XiXJQL7afckIgU!&cmcv=&uv=20290&unm=WIDGET_ITEM&cb=1551201683852&abt=dis_vA&
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:23 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201684.868830,VS0,VE9
x-served-by: cache-hhn1550-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK s3HE3sPl14rh4AB_pxEbyq+HVGYgiZbnLQB34ZLFN7kA7RDkzmCzoTesa7SF6bx9 Show response
ads.adaptv.advertising.com/a/h/ 249 B
980 B 73ms
15ms XHR
text/xml 18.194.187.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/a/h/s3HE3sPl14rh4AB_pxEbyq+HVGYgiZbnLQB34ZLFN7kA7RDkzmCzoTesa7SF6bx9?pet=preroll&pageUrl=https%3A%2F%2Fwww.magicmaman.com&eov=eov&context=activity%3DGeneralDesktop4SecureCloned&categories=inline&cb=R0.1551201684018&a.ip=185.220.70.202&a.ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&pi.width=660&pi.height=371&pi.viewable=-1&gdpr=1&duration=60
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.8.6/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.187.242 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
Origin: https://clients.clientarea.action.wpl-csa.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Content-Encoding: gzip
Server: adaptv/1.0
Content-Type: text/xml
Access-Control-Allow-Origin: https://clients.clientarea.action.wpl-csa.info
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 192
Expires: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Content-Type: image/png

GET
H2 200 st
convammp.taboola.com/ 0
52 B 18ms
17ms Image
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?cijs=convusmp&ttype=54&cisd=convusmp&cipid=66297675&crid=5284075&dast=V7JR4CFgNJElT_60R_IgRJElT_60R_IgUAAAAGBuIHGrLa0CgUBnEyGo5mm8lqOFlsRpvhYrcZwoasNjQKhUGcjIaj2Way2i1mg81msxssRlPAEJbZ7zsoKKenx-wyiIqut8XucJo9bxhC0-nwue71ut_vrnb4nB63w-2w2zV-t18sujycppfbZTe9NUbX6eUWudwao8v2ch3PktFostsM5grP4Q4AAAAADwBQoOsQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgAB7wZGgBQHArkNJtddovr8vMHAMBDAAgAwIACCUDBwEYJQAZkwAkAAAAAAAAAAMv___9_zMD855IMgAd3cw_Agw_AA1GBZREjAAAAgFxuI-WjSZ1QWVQBABCkWwFcAQAEpKlMH2GGAQAABIjNEEa7u1Vti48t0MPi95sddo3f7TIAAAAAAAAAALP_s380IaX6krQgAsxutV9AAIC1X0AAADZ1AwB4E4ALORM0nQ7XvV5huTycdpfddH14_Uan2-53eO16y88veXlOL7_oCFoxGKyOIAaD5ewAAAAA7v7____xZgij3d2qtsX1QGyzWQwXM8doNZp5PBaLYTCybFYm52jmWxg2M8v2SqwhOLyXQtL7MIRl9vsOCsrp6TG7DKKi622xO5xmz_0mbDFaTSab5XC2XEwGw9FwNNqfgO0GOEHD4WCxGyx2i8VwspiMBsvBAgViMMEJGY42k9Vot9pNlsPJaDTbTDZI0arVbLQZDFezyWy3Ww0Hw-VohBStWcwmk8VstNxtBsvJaDCcDIcIQybfyLQwjdaKkWWxFm0ctrXCtZytVRPPxrlyLHcj08Qten1Mn9nKZnFstigYQLMXwUU6UTssT5fH7HBaXjbLw-5xudUOn9PjdrgddotYojlZpBPZZV_bbBbDxcwxWo1mHo_FYhiMLJuVyTma-RaGzcyyL5l8I9PCNForRpbFWrRx2NYK13K2Vk08G-fKsdyNTBO36PUxfWYrm8Wx2TdWq8VksJgNN_vGarWYDBaz4WbfoTKMg6GjUXyumjsyl049OTxlToPCZbB4fxLTYtqdHUQn39Epc0grxobqm1CYDR6DQRFLBKeLdCJ6GU8XsUTytEgnGothuZxYTM6Ja-SyuXwzi3Nico02Jt9oZHHOdhOxRGm6SCd6sejycJpebpfd9NYYXaeXW-Rya4wu28t1PEtGo8luM5grPIeL-o8OMVzNJZPBXDeYSwaTVQIAAAAAAAAAWMKceRMAAAAgF-BB7XiXJQL7afckIgU!&cmcv=&pix=&cb=1551201684072&uv=20290&abt=dis_vA&ru=http%3A%2F%2Farrainentzakohimnoak.org%2Freste%2F&unm=WIDGET_ITEM&debug=pn:5!sqg:0!ft:0!fsc:!fpc:!&
Requested by: Host: clients.clientarea.action.wpl-csa.info
URL: https://clients.clientarea.action.wpl-csa.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients.clientarea.action.wpl-csa.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 17:21:24 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1551201684.082209,VS0,VE9
x-served-by: cache-hhn1550-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eshop.magicmaman.com
URL: https://eshop.magicmaman.com/retailer/getProductLink?clientId=magicmaman&url=https%3A%2F%2Fwww.amazon.fr%2FPhyto-Phytocyane-Antichute-Stimulateur-Croissance%2Fdp%2FB00C2U8XM8%2Fref%3Dsr_1_1%3Fie%3DUTF8%26qid%3D1544437453%26sr%3D8-1%26keywords%3Dphytocyane&template=button&containerId=retailerbutton5c754642c7bd7&sectionId=3046

Domain: eshop.magicmaman.com
URL: https://eshop.magicmaman.com/retailer/getProductLink?clientId=magicmaman&url=https%3A%2F%2Fwww.amazon.fr%2FPuressentiel-Anti-Chute-S%C3%A9rum-Traitant-150%2Fdp%2FB00NQI9QSU%2Fref%3Dsr_1_1%3Fie%3DUTF8%26qid%3D1544195021%26sr%3D8-1%26keywords%3Dpuressentiel%2Bantichute&template=button&containerId=retailerbutton5c754642ca1c3&sectionId=3046

Domain: eshop.magicmaman.com
URL: https://eshop.magicmaman.com/retailer/getProductLink?clientId=magicmaman&url=https%3A%2F%2Fwww.amazon.fr%2FEUGENE-PERMA-Professionnel-Programme-Pro-Densit%C3%A9%2Fdp%2FB0716VFBRQ%2Fref%3Dsr_1_1%3Fs%3Dbeauty%26ie%3DUTF8%26qid%3D1544450800%26sr%3D1-1%26keywords%3Deugene%2Bperma%2Bessentiel%2Bkit&template=button&containerId=retailerbutton5c754642cb817&sectionId=3046

Domain: rtb.4finance.com
URL: https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=f1a00eea-88ae-4858-aa85-42c1bda9bad5&bsw_param=f1a00eea-88ae-4858-aa85-42c1bda9bad5

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.adsixmedia.fr
abs.proxistore.com
ad.piximedia.com
ads.adaptv.advertising.com
ads.stickyadstv.com
api.dmcdn.net
api.pxlad.io
api.skimlinks.mgr.consensu.org
appn-sync.nuggad.net
arrainentzakohimnoak.org
auth.audience.acpm.fr
bei.nuggad.net
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
cache.magicmaman.com
cdn.taboola.com
ced.sascdn.com
clients.clientarea.action.wpl-csa.info
cm.g.doubleclick.net
collecte.audience.acpm.fr
connect.facebook.net
convammp.taboola.com
d.agkn.com
eshop.magicmaman.com
fastlane.rubiconproject.com
fw-sync.nuggad.net
googleads.g.doubleclick.net
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
js.agkn.com
loadeu.exelator.com
lpm-gmc.nuggad.net
match.adsrvr.org
match.taboola.com
p.skimresources.com
px.powerlinks.com
r.skimresources.com
rtb.4finance.com
rtb.mfadsrvr.com
s.skimresources.com
sb.scorecardresearch.com
sdk.privacy-center.org
secure.adnxs.com
server.exposebox.com
staticxx.facebook.com
stats.g.doubleclick.net
sync.crwdcntrl.net
t.skimresources.com
tag.audience.acpm.fr
tagmanager.smartadserver.com
tags.bluekai.com
targetemsecure.blob.core.windows.net
trc.taboola.com
vidstat.taboola.com
wf.taboola.com
www.audiencemanager.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.storygize.net
www.ultimedia.com
x.skimresources.com
eshop.magicmaman.com
rtb.4finance.com
104.111.241.32
147.75.102.200
151.101.2.2
151.101.2.49
151.139.128.10
172.217.23.130
178.250.2.89
18.194.187.242
18.195.230.94
18.197.71.228
185.33.223.202
185.33.223.220
192.132.33.27
195.200.110.137
198.54.121.233
2.16.186.59
2.18.234.233
2.19.46.9
2001:8d8:100f:f000::2ab
213.19.162.21
23.43.115.95
2600:9000:2043:6c00:5:b7cc:d3c0:93a1
2600:9000:2043:9600:15:efbc:e300:93a1
2606:4700::6810:5424
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:814::2004
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2008
2a00:1450:400c:c08::9b
2a00:cd0:1005:2:80:82:201:80
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.252.154.128
35.190.40.172
35.190.59.101
35.201.67.47
35.201.85.158
5.135.32.18
5.196.81.114
52.16.68.29
52.17.231.199
52.205.21.136
52.210.165.34
52.239.242.148
52.48.212.112
52.48.37.92
54.171.6.140
54.194.234.200
54.246.183.183
54.71.95.4
68.232.35.16
80.82.201.86
80.82.201.94
99.86.1.198
0617b8f56bc75e1fcf7d244f9314619f623ba3fed93796f16ce86d03e2c76ec0
088026269c513598fa4b09ec64981cc0e3f6455089afd46031b28120a5dacf26
0bb34b4098437eb2c3ecf00d86062e80c74e737dd2d6d506ae6d388259fcafe6
0cd548e059e8998174c57fe724253943fc0cd8556fdf250bd91b3777ad5cf720
105f29b211e2ee97c11e74efce5bffbdf14b19608e222c9261680e27cef79dd6
108634b324f3e976d3cacd2d8579378e732f1b5fd3f45010e5118b87c2e8c7cb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10eba73b3641332bde05fa8d6223e7017ac5207673602247c35f358ea89e3092
1ab4ae5f90a7422ac57fa106ba3975f557087eb266bc7223a5ee8310b910c135
1c6bc949f0bf47d067fed3a36087451aa6aab6ad6e18c99d5cdc72c17bbb02b5
1d8cff4993ef9ef831c326127133acad5024aa2623b06f767291ff818151c21c
1f5e8d521ee5a51c0e159704be70ef7d386dbced97831af0d463a827cf4b08cb
1f78383878fcf31a2093c2e021cd27b4b20fbc2e6b4ecb9e78762245506d2fc4
1fe71418c961b60988944cab19168614743519ef29f06e7e55029bd55c407fab
22beb14b2ff8729d96100a8e57f29564167b60ae0a1fac01a5ad848ab577c0c1
2cdce9af57afd0a3d1ce45611eedb5ed824f0122875a546cb751b0fdac816c54
2e8738ee236fb301147efc62ab5d3cc02b02834d8f1b816560e8df325a8648dd
31ab29ab3c8210575c1dc3b868397f964326ee17da2edd8ea834931d9a9ff12a
3545e4a3dc36705c4facd5a170bc240109e69063e96b3aebed0a82cb2ccb5b04
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4161a12b4fd1acb5e496e95ade9c20af5b339890f657d721492504a311afbfb5
41c49283b8a8acf71e27c5e16a73a56d18d65e49ff91df7a81419b951243bebd
4264e49b8839dc9170dbd4e31665595d4f2230a04ffc3479cbc72323beffd5cf
44edcff44255324b4be24d060012759a05c240894ccca23a396c1cabb4f13191
46b695e789e5566ef66da1ccb4dfd9c255864cd366264734dd975096d6480047
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
49a82e854f1af47fee73975310902081b1183e3fb862f919e0a209c464d43b25
4a8279eeeced0735e6ea5572bf6f85d55c0c7609b1883aa4bde18fc35e7e533a
4d1371cc4f6009c93a41e5299c146ac57bbdbfec6615f08441a1e328c4eb7724
4d7c0c2d2e1599414188cda791d1f34d3e4112f27c9cda1791f86f944dc003ec
4f09d28c6d05e389e95b125856fbf54614eafd3643ed5086062175baae062e83
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
50c8e1f23cdd3d0c7b44a89247d68f18babcfa46b4f7d71d6e3555ee67fdfd9c
51b85224ee39aac013d6d258dd3a9e1f6f9cc130a1fbb5fc7eeb950e3df83302
527e09cbcaa72193cb767384540d6eb179b98dae30c7c1c0fd6d52c62d56eaf7
5286e38324ccfdee0a0c37ab6fe9850c9f982c9fec902893c5d32e37e9db9130
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1c6a1be0a8308a6d18d36cb7915baebcd7921955b4ae859c28a902ff41a88
54d42c201503dd050f82effff803f8a0423f814c3106fb8a564f295395692b04
58b6ccc544f10dc71ad2f72f3fdb219879016b717f78cd1683e303208f0f607e
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b3a79ba4bd1785e3b540331397efac1b5ac4fd3778cdcc11a89a5bdabb837f9
5c7aa235733b1cb6f3f694b56c74e77dbb7428f365578dc1098f5a5d33d29563
5d4b4d1cc45889916955829f6c307dd96ec88188b5eb935b807c70a022dd961d
5e8a84182c43ff1bf670d8e776a51ec46c8d984cffafd970511d745823db8786
61401418318a2226caad9661fa4e2e22aca08208756974271468c20b64487481
648b09bd245cdffcb8c3b66cd638a59053bfcb3e1a296a1411cff2946870db14
64fd3873810fc1ac483f2256f64495e9db679268a015a4162edd1b8dc5234c29
661ea58a244b9577aae97731b3f94d5b963b57fdeaeda81fa61db0347dfa11b8
692ab66c053396ca31b7afff686be8c1c5c242d7892f0c4e1e7f31c30aaf0d14
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
6bf11ea92828bdff7e3084819ab7cd1ac49a7982795008a3dc3daf2ba56966b2
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c907da4662bfa1b8ca7c2ba82cda7d18711c7c9c37fc508ada4a9b827606065
6d28cfdba0a90d02acc932a26e81bf2f55c2740669472025881a41dad19058c0
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
6e85226f6be42adaf176ca85916c461b8cb8d225a0c34279ae5b558a36fba983
6f9131b9e088f5eefb3c291b5eae884ec340bb4cf6e0eb7ce5e136569f7f49e2
6f9eeb42182c8e7d72133ad1a5a623dee560e2fff5d018dbf8c5921798b33fb0
7104da56501a7bdede3e8177cfda915704212676cf6c531146b916e66ccf7800
7199156f53cd290e2135cbf4f7776fded8103c20a35556165d3b67a2511721fe
72794cd46b1ac26e67fd7bd1267174d22f7c0fd95562b41b2b0114f6d9927354
7281db6112fd4b1d592ff0777339188a676b2c0e7e72bb615a033a8d137ab29b
73f4e363e96f8e8cabf9afb84271e9c055e2ce5437567145abcf073bfecdb75c
7791f5b4b1551e0a0972c4fdd181371aef1e33853bdf6141318f65c41982dd6a
79256596651fada8387ed50d76563589ef64c5df795204edda4aeca8ace76c96
7c7ebedc4be9f54aaf57f8bebd8b9895bed88cfe30b231245e61b36185e75ef0
7d2797aec02b71f4a720fd4e702da67083cd528ba77f634c2ae9f4a9829b3a0b
7d5ed2356a654f3eb226c68062fdf9fbf19a2a21292a3bec95e9bfd8fe189234
7d7b0822fa40be3fb8bcbdfb17574332f6da59adb2ddfe741e277f7240b67daa
7f590a1dff49c2831f059e2d3e3fee8c11021197a7729bb3ed749d564c558546
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839ce04b28bac61d63ffd8d4b23ae98de62e60106ed9123140945de76045c636
83f4156c84ad795c6625e020d1bd6edf8c6b34a8eadb7c6b7a8f05f40506e11e
879f5873432947dd5971d652f3cba47ce6b20469e31b8c10021346c0ead52b66
87b337386d6a392e2e92c942a70d235df1db3117b3e0dc9b35a21f0160eaafc8
88bc26c3773892d715e1e7811635553430f4da92f9c8b0be165deee8a09b5f42
89ca32663880fa51e63672109926de3024e268819d4df5cd56dcd88786554e07
8cf86a72113bf82c9112e51ae4014892fe638786d0b55939d284f485ffa04c4a
8d3d2f10567dd9dddd7cf29fee3886491cc55a00f2e8cad78d36866ad4ca070f
918ab52aad406b54e87895d7339a15d3a04be6ceda2a6475e2adb9770f547933
9443dd70a9774a69c67c9843cde40aaa79ec9c3f1575e4121e0302d07379eeaf
952f64cf7b26e4eb1ab92074cb01c945a422f0c4a509c18e16b41810cfbbecca
95556dd2a4af40061c725ceed08d55311b71a94aad4d3907a740cc2a9a784e19
9870aa383c15fedca8b040a95396bd0b9f66804ed70e7c16618950a3e8a23d9f
9b05913f1856b7c5779a0b218cff4a1cf10665cb9901d55e63190920fabd5ce6
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9e67f27105e627dc8faeb6d544ff7f8d00e13c5762bd7d015d18585f264c488c
9eb17a71f8893cc62c9c8225644c73b6ae197bcf87e64c9f17107b65d87ebcf3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4665d1c22d4924df518a23714b41d87737bf2f6a5591081c4a1ba23dc96e700
a58ed0253138b1bcdebe20ea04bede14f945b16b011bbd554055a05865d61969
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
a9bcca8af5f56ad8824d1731c192f99b3aaced17f3e26752ed2853b907ab45f2
aaf50be2164c35705dacf582e028332c286faa3185dd19e6c1596f9b695196d6
ac47869b95fa7ef69f36426bf19d21f50af565ba19e807410dd976062457c6fd
b46dbd31f267050b4c500764c95f725dd44e8054623fdd38bf431d8b80c06b8f
ba3c75139a8fecf5c8811dbd8d12f6e74b28bffaf74ae0a808d4f5cebf097c14
ba630853895ab60048f570946aeee9b38fe877dc8827eb43f1cb8457c56e11ce
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
c44e15a16f7693a9b84e086efd9f0a0e5d7f38d243a8bf198bc047c5c2539ad4
c5ff0b949749baa702f183178154883308fd6c5c28a48a6cc50d0cb3ba64ea22
c6834fe67c87faf511c024906640a07c460e06c5d62b249b25fbc71b2c5eae74
c6c46305edb881a489fb435876af7f32fa619e54b2175cb55cc4ffa5b2dd900d
d0c506cb08366f0753df295747d51ec68071dfd94f65e1ab5ffc23b575cee8ca
d7bf10002e5a3be0b533aa25282f016c7b51630c5e6b07a7fce833ebcbdd9618
d7f05e8c19f960a57f6e6a5504632af4af52fff4400e9f355d6338b925a529b3
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
db37ba691ef84f39093b3a165302685ef8c272f1481d985f86c762a9cb593859
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de643914fa5858defe271b7492b4ff8a4524245cc1d4e99d974a628700da1ad8
deedabfdc2f3738f0a5486916209a32c8298cc469fe189ce3aa3f51c0d329421
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e532115cd470748b24addc196ea7112709d7554a1533a91c97a110c84ac3a004
e6a396ea3805b674bb612ddbe51030a4432ef60c49a52faaaa49a7a4a57bbe76
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
e9b066995e769204c168bb76fbee094ff0b5943c7ea74b514428c49600a4ec0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f1e72890066210f94acdac1ce39e6f2ffac0698663663f82ac381aa7846daf11
f28890097588841710193f9aeeb59ebf3836999d5da2bf438a47a46eba4ba403
f3560b4a692960c1d0af16b377cf757d8dc9985262a849684e273fc73b02675a
f54b92673ed70cb249b4c1ee6a49b79323024fd88d44e438e556e60f55ae6d89
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6fbf5bd1e9d293924431cb80579a89ce003b09ced5eef7853d2606fc3804dbd
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

clients.clientarea.action.wpl-csa.info Open in urlscan Pro 198.54.121.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

165 Requests

97 %HTTPS

24 %IPv6

45 Domains

68 Subdomains

46 IPs

8 Countries

1581 kBTransfer

4652 kBSize

0 Cookies

121 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

clients.clientarea.action.wpl-csa.info Open in urlscan Pro
198.54.121.233 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

97 %
HTTPS

24 %
IPv6

45
Domains

68
Subdomains

46
IPs

8
Countries

1581 kB
Transfer

4652 kB
Size

0
Cookies

165 HTTP transactions
2 data transactions