leloftdenimes.fr Open in urlscan Pro
2a02:4780:28:34f8::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://leloftdenimes.fr/
Submission: On October 05 via api (October 5th 2024, 3:13:28 am UTC) from LU — Scanned from FR

Summary HTTP 76 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 76 HTTP transactions. The main IP is 2a02:4780:28:34f8::1, located in Paris, France and belongs to AS-HOSTINGER, CY. The main domain is leloftdenimes.fr.
TLS certificate: Issued by R11 on September 16th 2024. Valid for: 3 months.

This is the only time leloftdenimes.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a02:4780:28:... 2a02:4780:28:34f8::1	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	77.37.120.168 77.37.120.168	47583 (AS-HOSTINGER) (AS-HOSTINGER)
20	2600:9000:266... 2600:9000:266e:f600:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	109.95.157.167 109.95.157.167	48896 (DHOSTING-...) (DHOSTING-AS Warsaw)
7	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
20	104.17.245.40 104.17.245.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
76	17

4 2a02:4780:28:34f8::1 (Paris, France)

ASN47583 (AS-HOSTINGER, CY)

leloftdenimes.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.37.120.168 (Paris, France)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv512837.hstgr.cloud

pp8.pportale.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:266e:f600:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

q-xx.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.95.157.167 (Poland)

ASN48896 (DHOSTING-AS Warsaw, Poland, PL)
PTR: web03-s221.ewh.eu1.dhosting.com

pportale.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.17.245.40 (None, )

ASN13335 (CLOUDFLARENET, US)

api.maptiler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	maptiler.com api.maptiler.com — Cisco Umbrella Rank: 28927	361 KB
20	bstatic.com q-xx.bstatic.com — Cisco Umbrella Rank: 18056	122 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	207 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	112 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643 www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
4	leloftdenimes.fr leloftdenimes.fr	1 MB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1955 ka-f.fontawesome.com — Cisco Umbrella Rank: 5838	545 KB
3	pportale.pl pp8.pportale.pl pportale.pl	161 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	180 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	31 KB
76	12

	Domain	Requested by
20	api.maptiler.com	leloftdenimes.fr
20	q-xx.bstatic.com	leloftdenimes.fr
7	cdnjs.cloudflare.com	leloftdenimes.fr
5	pagead2.googlesyndication.com	leloftdenimes.fr pagead2.googlesyndication.com
4	leloftdenimes.fr	leloftdenimes.fr
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	ka-f.fontawesome.com	kit.fontawesome.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	pp8.pportale.pl	leloftdenimes.fr
2	www.googletagmanager.com	leloftdenimes.fr www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	kit.fontawesome.com	leloftdenimes.fr
1	pportale.pl	leloftdenimes.fr
1	code.jquery.com	leloftdenimes.fr
76	16

This site contains links to these domains. Also see Links.

Domain
leafletjs.com
www.openstreetmap.org
policies.google.com
polskieportale.pl

Subject Issuer	Validity	Valid
leloftdenimes.fr R11	`2024-09-16` - `2024-12-15`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
pp8.pportale.pl R10	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-29` - `2024-11-28`	a year	crt.sh
pportale.pl R10	`2024-08-30` - `2024-11-28`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
maptiler.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://leloftdenimes.fr/
Frame ID: CC1B06FE5081A6783C46586EC72868B5
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: 65DFE43766881314FA69B359F060825B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6460175736944505&output=html&adk=293675617&adf=814277786&abgtt=1&lmt=1728098003&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fleloftdenimes.fr%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728098002869&bpp=3&bdt=471&idt=387&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1432867131818&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95330278%2C95342015%2C95343328%2C95344189&oid=2&pvsid=3938618795778520&tmod=834775790&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=399
Frame ID: D7D2625B94894DEB5FAA4538E99AF9F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6460175736944505&output=html&h=170&slotname=3136731869&adk=3992575858&adf=3915612545&pi=t.ma~as.3136731869&w=840&abgtt=1&lmt=1728098003&rafmt=11&format=840x170&url=https%3A%2F%2Fleloftdenimes.fr%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728098002872&bpp=1&bdt=474&idt=404&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1432867131818&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95330278%2C95342015%2C95343328%2C95344189&oid=2&pvsid=3938618795778520&tmod=834775790&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=409
Frame ID: 3D619934F6ACD205C620CD429C0061A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 8DA377A8956424CFE67C100C92A5908E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52C68168D6162C6D7DCEDF06559B5EDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Réservez en France : hôtels de luxe, gîtes, auberges économiques.

Detected technologies

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

76
Requests

99 %
HTTPS

50 %
IPv6

12
Domains

16
Subdomains

17
IPs

5
Countries

3140 kB
Transfer

8034 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://leafletjs.com/
Title: Leaflet

Search URL Search Domain Scan URL

URL: https://www.openstreetmap.org/copyright
Title: OpenStreetMap

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/partner-sites
Title: Google

Search URL Search Domain Scan URL

URL: https://polskieportale.pl/rodo
Title: RGPD

Search URL Search Domain Scan URL

URL: https://polskieportale.pl/
Title: PolskiePortale.pl

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
leloftdenimes.fr/ 4 MB
1 MB 1972ms
1831ms Document
text/html 2a02:4780:28:34f8::1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://leloftdenimes.fr/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:28:34f8::1 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: 91aa206161d00bfb827b946a2b27d51848c8498fab8a24e7610d244ddbc5855b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Oct 2024 03:13:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 62ms
18ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 4290108
x-cache: HIT, HIT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 13, 682504
x-served-by: cache-lga21931-LGA, cache-lcy-eglc8600055-LCY
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1728098002.453358,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H/1.1 200
OK affiliate0_min.css
leloftdenimes.fr/_css/ 18 KB
5 KB 61ms
21ms Stylesheet
text/css 2a02:4780:28:34f8::1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://leloftdenimes.fr/_css/affiliate0_min.css?0098
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:28:34f8::1 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: 4487af98036da41c15053efcf2747d1345f4b4028925e7110bfb6d821826e5bc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 4919
Keep-Alive: timeout=15, max=100
Date: Sat, 05 Oct 2024 03:13:22 GMT
Last-Modified: Tue, 28 May 2024 06:20:49 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
104 KB 109ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-450R68E3M3

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

627f0b90c2bac494bf5f6b15661ac53e4dad29521bedca77c72912d930b6decd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 05 Oct 2024 03:13:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105435
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK ajax_loader.gif
pp8.pportale.pl/img/affiliate/ 7 KB
7 KB 121ms
24ms Image
image/gif 77.37.120.168
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pp8.pportale.pl/img/affiliate/ajax_loader.gif
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.37.120.168 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv512837.hstgr.cloud
Software: Apache /
Resource Hash: 0101c5c18a248992c008a7c44a78ad27e62e8531751481a844e64bd28876bbc4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 7364
Keep-Alive: timeout=15, max=100
Date: Sat, 05 Oct 2024 03:13:22 GMT
Last-Modified: Fri, 12 Apr 2024 12:47:00 GMT
Content-Type: image/gif
Server: Apache

GET
H2 200 477930798.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 5 KB
6 KB 298ms
127ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/477930798.jpg?k=6c455023e6e353f6effdc3b1d27b050130ebc3c24fefdbc674a0fe28ab44f4d7&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d5fe5fa9419c93cc3afe0be75e4c2ae5b49778d861459f3216aa0bcd0d751ff

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "1929bf03afe0b9363483ad0cdff70adb58f02d5e"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 5406
x-amz-cf-id: 0IgFdgw6EKvHlFj8kA6ZU3PEGu0EWx5_RKJgHCPV1a-poZ5F3t_pxQ==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 5406
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 477930827.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 5 KB
5 KB 206ms
108ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/477930827.jpg?k=31a7771d7797fcb1154509e25cf71589ad11e60434c408be6ade8778f2209bb7&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

32aec62a60f83c6b363294ef277b310c67ba99fab770b27c6ec5154326b78d54

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "80b8b0af0a950c8dea173883ee95cf143f84bcbc"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4850
x-amz-cf-id: OZYRacCWlQrrqxnQA6EsmPhDOVaXK05N_TazznAAEuwvlFxv6J21AA==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4850
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 591488894.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 6 KB
6 KB 257ms
159ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/591488894.jpg?k=14de654c415f7e64ce173d281c6e62d0f5fb7d1b34a8875fc9642232e74d6051&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0383fba1569a29c1e7b8108a593788653cfd72897fe5b07d149e572414106cc1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "7a82e1f6343a59f820c3ca6202046fca4e0a6b6e"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 6109
x-amz-cf-id: _Aj7Ytt7s9nrulkRrrOj8AEKh5Z30bXcSBaodKw5YHZILY1Jkt9OWg==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 6109
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 591488842.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 4 KB
5 KB 211ms
113ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/591488842.jpg?k=d8b11abeaac4892844b66e86106e9a0d7d6d41abac2e1cb9eb95fb9ba2fc0d1e&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

248a9b4d5944525f37ded5253c536d4097c2f9e09265dc42ebb91aeef89c0d86

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "f4b0af8ecab107c3143e5d47dc947eddff66d03f"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4291
x-amz-cf-id: ekWLmNLu5ztlndorOrM1Oxl-9eGhVf_-7Z0XLsrf6oRnIBRn8_5yig==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4291
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 581234100.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 9 KB
9 KB 230ms
132ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/581234100.jpg?k=359e146a72c01e7a0730aa92b7f62dc47bc16f970b44c3c77635a0eec81432b1&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

710fee0a0d6637b31e9bfb0feee9397bfdaea0ff3547b46350fd7e334d72a692

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "ae13e725c3b24ddc711c88806f47fc1f1fc062ad"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: Byd_42bcEqSC91ziu15OsSdS_Qr9TCpJ5Xuhin_m967isyyt1Yy-fg==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 8891
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 581234103.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 10 KB
10 KB 290ms
192ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/581234103.jpg?k=ea3213d9c16a65ad69ff24d478fb125ebf52846ca53e7375bef996e73567340d&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8783c53b44bd6a4bfa8d0e312d97a1372073064d9fa001a742e9b16cb38d89fb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "8749876c0dd9f8cacc64fd654fb4c22e6afcd3fa"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: nuHHgCtlWNYvfoZ5XhHNyp5dKk973RT3MwKciG76V7FmxM-zi8xNKA==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 10009
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 504801561.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 5 KB
5 KB 196ms
109ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/504801561.jpg?k=7e6cf968d1b6a2b6175876688d433e93bbe6768727318093ae9d231e77adf5ab&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2e7cc07cd97f90b78ac849458d227bd1feb0e2f7535fe7d6c5551fff557f2ad2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "8a8d5802cb076b3f195ff0ea9e3bd8f7694c6c45"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 5171
x-amz-cf-id: oMOWXCRpDoqN8CvTb5Sr7VR5PAoj-Wzo7eyext-cJD3RqknED0FzZQ==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 5171
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 504801568.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 4 KB
5 KB 256ms
168ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/504801568.jpg?k=6fd175eb56b3327b1cdf5a463b7de6498508c4f052ffb6fb59e0e30c5079b1fb&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f3910e0b8ae35faa7493f8f7e487f10c2c330bbb8df80851a3d0d22a1887b557

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "585bc451e472bf8e91edba369b91d0ae7ef3af1b"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4453
x-amz-cf-id: QRn7Alrjzq4Fu1xBJwkbZ7K-YBO4py7vmtko1Mh6xrzUtopSy0UDPg==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4453
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 353490622.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 5 KB
5 KB 102ms
101ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/353490622.jpg?k=9b908daca1ea4a5f33849078d10df0ac0fb63b0a61f4a660bb12e0490dcbea56&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9a57ef76f4ac241190f8d996cdb39b5d884531c2c44885e8dee99c2eddd94eb0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "c2d16b90e00fcc8ed215a9259e549598efbcecf6"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 5163
x-amz-cf-id: NyHcEfxUscsMM5K9dFpWQDm1Jgx6otgT6YZ3CQqiXCjhS7Zgf9VzeQ==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 5163
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 353490615.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 4 KB
5 KB 116ms
115ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/353490615.jpg?k=a86840a3d7c2293610992b9521468219eb652362fc4725fbbb459662af026ab6&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2324db3594059f07efe8eb7a1f458675bfda6c41c4a0118e786c50ddc44bab37

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "afc803d9e7b931f5e5ae46e9fd810d0b74b30b54"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4522
x-amz-cf-id: 3KL2T-7CY5gdhgCuhNfmc2eOMj6kygYmE_SAN8waCeq0W_ybzQwOpA==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4522
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 544781748.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 6 KB
6 KB 180ms
179ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/544781748.jpg?k=5c96816d962e02acabf3c7788b4afb1fbfc1962c6c5bc120a2797f44a2630202&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

924eadbdd758ffcbd597f77bfcc2fde86c225f56da4787f66a51a160ebb286f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "8ca5bdb2625d74db2de01865a0241b9278a70026"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 6173
x-amz-cf-id: TQrtXyUbS9E2YaFkJy3P1QAf4hanMNw6W6JjRRX3UcRBQAXkb7FimA==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 6173
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 544781750.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 7 KB
7 KB 120ms
119ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/544781750.jpg?k=1447eb68d542ab9124d8fb161e1c58596bd33d7a466b000df93b470d8e8e9603&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b13c4d905522a788351bed71c60310ba8d0a8fbab6f03c2e04751463893aa9bd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "f43e5ff9ddacb9a591a5de2688c3b8139c4fd4a3"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 6968
x-amz-cf-id: k3xgyWI-FdzikxIvLH1BBDwhHJPxDAVsMzQeQjwRwOO5MB7GqU3GNw==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 6968
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 216951362.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 7 KB
7 KB 164ms
163ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/216951362.jpg?k=842d11eebc8abc56bbe2ab486e131b0775a2f18199f68fbe48dfcc9d8caefb70&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5bedea6b90ff250214411d832a0aa1e005f8d8448cd4a8cdbda7ea5a182eccbd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "62c89f4460c453a304649c7fd1f8ed9d72d11c90"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 7030
x-amz-cf-id: 3mBGcz5TWSck03Kg7RNggMG2RvZ8jJBPpdK448pphqdrlowXopgNHw==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 7030
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 450095630.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 5 KB
5 KB 143ms
142ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/450095630.jpg?k=df5df1ad73aef31936445619b7dae6002cd3620436c9e6485f8e3553a60bee66&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ad9f52810c3a25453162ed8b6efb95d10cdc7ddb5d5b1b7101ed8fb88bbac288

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "1c512f1ac89cbf2bdda3a7fb629fd3f4bc160711"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4754
x-amz-cf-id: Bwt6DwIL2SgrMnaOkCIJVDfUCzfe86R1DLU03ProEe19gy9je84mwg==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4754
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 586147929.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 4 KB
5 KB 127ms
126ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/586147929.jpg?k=a9b315462ab0e9bf50eb1cbca650b5852a012caab902b2f8ac9f64abdd8f0894&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dd01ea659a8676aa3831de12ff41ec6eb57bd174cca2a6ce3184e066e62557f7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "7c350276d5703b7af4d51c48f86e2dd0eee47510"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4391
x-amz-cf-id: ZA8lrzvpMThqBTUw0xuYlrQ2PMoTTNpy0xtGL-6UWKrqh5opD4gLcg==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4391
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 586147991.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 4 KB
5 KB 168ms
167ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/586147991.jpg?k=9487682cc431613324cc54d4c88908efc9d655f5bed63c9b59c1ccd670856012&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f67472e21ee065c3f8551014c40048d20857ee4cf814dcfc32e32b66e4c91428

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "d167e69f55ff1a828baf7efbafedbd733c1d2f55"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4412
x-amz-cf-id: 1JW53y1FjAMy1BNxTsqWrlgKM7L7f9t-LHpartS1plniZf9hoaPPpA==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4412
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 195765787.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 7 KB
7 KB 166ms
166ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/195765787.jpg?k=7cc93bf88a0d9fd364fcb68be898e3a1c201366932b42f53c830d1e625ac0eb9&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

670c98e985e97b085deb3fc4c2ef7c836cf3f20561fd28830c8810d8c86071db

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "37e038ef91234ea9d02dd3f98a92b91134fb25bb"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 7181
x-amz-cf-id: EP5DdfH0IQWL_ZxN9MQ4qPQyOc1cHd8YyzzWkvKBttSMUUeeWl9pZg==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 7181
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 444533577.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 4 KB
4 KB 173ms
173ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/444533577.jpg?k=e5484f0370f4bffaa7433dc96e98a26c7a73d355ea954ee6aa535f43c0efda91&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a18135560fa25ee603f19dd9de5c3de30d14ce6484b2658a723a514598b1697f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "8756e2c6fd922c0e72f523b61383c2d1653be50a"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4001
x-amz-cf-id: FwlqZDqOm75bdLLC4pN0HqaDeQ04BEJQvKUIJSkV_L3uBnD-krYtUQ==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 4001
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 251141700.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 7 KB
7 KB 172ms
171ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/251141700.jpg?k=1e5d408f5bc980c04f3de1b133f900791857486ba7ab502f4bf627cb73ca8130&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9de9187e62c46fe78891d34c87bbf010a9f41c31603eb75bcfc95971391c3923

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "6aa6d258f7dbeff7c4abfb72a53f78f6d278620e"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 6656
x-amz-cf-id: 12-p0-PnP_aRZLydXfLYt11G3dDbPIBxFDVjyZdoV__aPJsjoG22NQ==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 6656
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H2 200 416394582.jpg
q-xx.bstatic.com/xdata/images/hotel/max180/ 6 KB
7 KB 131ms
130ms Image
image/jpeg 2600:9000:266e:f600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/max180/416394582.jpg?k=6abb6d9c4fce66624a81f22718fbc902b196da06e3c3c7fec9e5d9c223631151&o=

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c3f24c1efcbecb885fb7adf7ff2153c27d9de900979c32eebc7f258295e90031

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *
etag: "59d742a416868b917ca0a1f2c4da531f2708d188"
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 6457
x-amz-cf-id: EEEgG0EheFWGYR4r5WF8oV7KXIRTbhrIPF75XY3UHRUB35ciRoGKoA==
date: Sat, 05 Oct 2024 03:13:22 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
content-language: 6457
server: nginx
x-amz-cf-pop: FRA56-P8

GET
H/1.1 200
OK background.jpg
pp8.pportale.pl/img/affiliate/ 153 KB
153 KB 67ms
23ms Image
image/jpeg 77.37.120.168
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pp8.pportale.pl/img/affiliate/background.jpg
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.37.120.168 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv512837.hstgr.cloud
Software: Apache /
Resource Hash: 81d57ba3c3923729a1eb711401ced2e306a1ae04b4dda230d351b23ba26b0bb2

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 156379
Keep-Alive: timeout=15, max=100
Date: Sat, 05 Oct 2024 03:13:22 GMT
Last-Modified: Fri, 12 Apr 2024 12:48:00 GMT
Content-Type: image/jpeg
Server: Apache

GET
H2 200 loader_camera2.svg
pportale.pl/img/affiliate/ 1 KB
812 B 172ms
39ms Image
image/svg+xml 109.95.157.167
DHOSTING-AS Warsaw

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pportale.pl/img/affiliate/loader_camera2.svg
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/_css/affiliate0_min.css?0098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.95.157.167 , Poland, ASN48896 (DHOSTING-AS Warsaw, Poland, PL),
Reverse DNS: web03-s221.ewh.eu1.dhosting.com
Software: LiteSpeed /
Resource Hash: 6ff67e95ff672f978dfc41b1283d083c2c89ad30cd244334d0456c8082ea4d55

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=2592000
content-encoding: br
etag: "478-5e2d642d-5748d71b6268c284;br"
expires: Mon, 04 Nov 2024 03:13:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 480
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/svg+xml
last-modified: Sun, 26 Jan 2020 10:04:29 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 leaflet.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.5.1/ 14 KB
3 KB 167ms
142ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.5.1/leaflet.css

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed0-37bc"
age: 133931
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cegtBnlDkjR6gcoV2DP4SHsF1p3RN%2F%2FUp4xJvFrUdcpo7er51xSfiSbzVZ1Ks0%2FHL3ZqBc%2BKrS519fr3DsMPph5xBlk2J%2Bz2eQ54KVsVmODW53KfMO2S7HZFecs%2FI%2BMID5repQmE"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 03:13:22 GMT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cda3c44eccd02af-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2771
server: cloudflare

GET
H3 200 leaflet.js Show response
cdnjs.cloudflare.com/ajax/libs/leaflet/1.5.1/ 138 KB
35 KB 45ms
40ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.5.1/leaflet.js

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

104ad96a6b8b79f5276cc0506ec12abb55126be6ed476a08942a4125bc83e3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed0-229de"
age: 1400909
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsyxJqbtc5x2SzBVO5x0m46G4QGPWPwMWJN9yizhRpGbklXIOPIaj9PezkAHHcdR%2Fy2mJ3sFaeqiQV0T3OMhZe2xPtNBAZa3Cb1rqJHoD9046bWz8EmJiTWAJkvRy4WLvAQlcNsx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 03:13:22 GMT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cda3c44ecc802af-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35554
server: cloudflare

GET
H3 200 MarkerCluster.css
cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.4.1/ 886 B
769 B 90ms
85ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.4.1/MarkerCluster.css

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b756b96397305917d2ff42bebdce58294f89879f0d0cfd18664fffbc59c5d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed0-376"
age: 11153490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WjlZBLt071PVBGuQHD7PVzp9HxnKW91v06HRVg4QSQeFER0LxmnmDIN%2FWJv%2FwJTBchG%2FsnvJX5KSXN2%2Bu09%2FfU6x1GTs5xlIGKoYW6S8JQ07wOA7dzUqASopvFRn5CH3FJprQnU6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 03:13:22 GMT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cda3c44ecc902af-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 198
server: cloudflare

GET
H3 200 MarkerCluster.Default.css
cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.4.1/ 1 KB
885 B 92ms
88ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.4.1/MarkerCluster.Default.css

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d687359a406651b1616bac9c60fba667f134fce24d3fb6bb621c173aa9c1a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed0-542"
age: 214538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzgTaV%2FL3LrWNWKiKvfl3qhITBGRz6Nb2NZ6BFCDGEfmqoElRoOgoDqN6e4gVOVyzrXayrmDzxixltmBY8Eq5G15w02tmTQkqUBa1ay%2Byd2OA58xaQ1%2FBthbdAG0GozUo3RHVoL%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 03:13:22 GMT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cda3c44eccb02af-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 318
server: cloudflare

GET
H3 200 leaflet.markercluster.js Show response
cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.4.1/ 33 KB
8 KB 90ms
86ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.4.1/leaflet.markercluster.js

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58be871df61f6c512464e15db0941e63b9491bf1396a2ae3bea6f39e0854cd1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed0-83bc"
age: 80247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1u095nEPcmLdd0%2FfLae9%2FG5cu7KPYi3PqUhx1p0RTRfwiM%2BYHpQ%2BW4szSBzZIKrOzBs3jVgX8sMM%2BTlWNXuPCW0WGcVpTOqI9jWEMR%2FCLehGUct2O5RLcvbJ4aY0mSDiMahkIqn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 03:13:22 GMT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cda3c44ecca02af-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7750
server: cloudflare

GET
H3 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 248 KB
56 KB 32ms
28ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-3dee5"
age: 384332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3VwpX1inh1ej4VFqHYiogH7m4KAPMLwbJac97qjsNL1Jkmz8UspcXsSKsJdLzhk1PD%2F%2BWdV8zt3C13o04P67zMmwYZ%2BtV%2BPSd3EoDoDC433vcoaYnK%2BtuiyfjjmXKZOP9%2Bw3ZCl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 03:13:22 GMT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cda3c44eccc02af-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57137
server: cloudflare

GET
H3 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/themes/blitzer/ 31 KB
7 KB 60ms
60ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/themes/blitzer/jquery-ui.min.css

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70687998314c27942ea241bbe9929c05acad1074dc1c93a24d7872c70a241319

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-7a49"
age: 1401177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RK5pRD0pTuob38v0BH4m0zt9FDiPMHKppFTABjF1YuokC5GdyW49HovABBrAwdJIyCgqmqOylV%2FRTED3VP%2BP4YMTpn9Da6GLtJiWQ%2FvovI3G4O9TcEWPLLPqA4ETtK25obAQ%2FcJs"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 03:13:22 GMT
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cda3c457cf302af-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6608
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 98ms
46ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

be0bcbf3e47a96149012f14131f43f9a03d51b10924ba00b441f7a73aac2636e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

content-encoding: br
etag: 9749440668439188482
x-content-type-options: nosniff
expires: Sat, 05 Oct 2024 03:13:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52527
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK pl_site_min.js Show response
leloftdenimes.fr/_js/ 11 KB
3 KB 24ms
23ms Script
text/javascript 2a02:4780:28:34f8::1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://leloftdenimes.fr/_js/pl_site_min.js?0098
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:28:34f8::1 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: d1904ef6ff9afe4da5cd4de710a9d44b3e9dec94d377589d089ba99648976bc9

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 3091
Keep-Alive: timeout=15, max=99
Date: Sat, 05 Oct 2024 03:13:22 GMT
Last-Modified: Mon, 08 Apr 2024 06:41:00 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: text/javascript

GET
H2 200 ca2eb027fc.js Show response
kit.fontawesome.com/ 13 KB
5 KB 570ms
502ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/ca2eb027fc.js
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac93c5d3a815eb9720326dcb7ee5919e93b30b55a70bd7f31a0988643555564e

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Origin: https://leloftdenimes.fr
Referer: https://leloftdenimes.fr/

Response headers

access-control-max-age: 3000
x-request-id: F_tv-lzQsXk7atC9EIuB
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: EXPIRED
access-control-allow-methods: GET, OPTIONS
cf-ray: 8cda3c455e256f4c-CDG
access-control-allow-origin: *
date: Sat, 05 Oct 2024 03:13:23 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 71ms
25ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-450R68E3M3&gtm=45je4a20v870626028za200&_p=1728098002473&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=913619865.1728098003&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728098002&sct=1&seg=0&dl=https%3A%2F%2Fleloftdenimes.fr%2F&dt=R%C3%A9servez%20en%20France%20%3A%20h%C3%B4tels%20de%20luxe%2C%20g%C3%AEtes%2C%20auberges%20%C3%A9conomiques.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2290
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-450R68E3M3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://leloftdenimes.fr
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 44ms
42ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3412385-15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-450R68E3M3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75c20f6fe3ba86c27d958ce544e19861bba6b40d1c502fd16c60bbf369296b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 05 Oct 2024 03:13:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77909
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 92ms
26ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3412385-15&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

content-encoding: gzip
age: 6194
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 05 Oct 2024 03:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 01:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 22.png
api.maptiler.com/maps/bright/256/6/31/ 15 KB
15 KB 244ms
212ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/31/22.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99791dd6259fdfdba2ac9c0061b4bfcab5bcff0b756c0d400362d88e660e9717

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f8ed13b-CDG
access-control-allow-origin: *
content-length: 15431
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 22.png
api.maptiler.com/maps/bright/256/6/32/ 18 KB
18 KB 138ms
106ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/32/22.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b806ea55cda0cb9726cb05cd48236e6f20d07b91f46cd1e24a71e0b0993002

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f7ad13b-CDG
access-control-allow-origin: *
content-length: 18075
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 21.png
api.maptiler.com/maps/bright/256/6/31/ 22 KB
22 KB 142ms
110ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/31/21.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d56bf08294f3ede031e7a5bbd64aa56f6d3182fb0843cbd7f61d3277275fadb1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f7cd13b-CDG
access-control-allow-origin: *
content-length: 22443
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 21.png
api.maptiler.com/maps/bright/256/6/32/ 24 KB
24 KB 139ms
107ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/32/21.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8142f77b80624f38ffb5afc666d509497fdca1976cb261773dc60b45d40fb15

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f7bd13b-CDG
access-control-allow-origin: *
content-length: 24150
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 23.png
api.maptiler.com/maps/bright/256/6/31/ 18 KB
18 KB 159ms
127ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/31/23.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e497b3b3d03a9ceb2c70e7c4b52fdddf8db347afd852b2271b397dfa89c1ae0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f7fd13b-CDG
access-control-allow-origin: *
content-length: 18280
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 23.png
api.maptiler.com/maps/bright/256/6/32/ 21 KB
21 KB 224ms
193ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/32/23.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc5cbc9e6ba7eb1abf630f2f2e917e3311c03f97e7a41c72545592a436710c4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f87d13b-CDG
access-control-allow-origin: *
content-length: 21307
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 22.png
api.maptiler.com/maps/bright/256/6/30/ 329 B
618 B 138ms
125ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/30/22.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ede050f7e528524093baea39d458313b0326825f9a01d75edec33d16f3749dc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f7ed13b-CDG
access-control-allow-origin: *
content-length: 329
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 22.png
api.maptiler.com/maps/bright/256/6/33/ 25 KB
26 KB 209ms
196ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/33/22.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c88340c7b754ebf1eb2690b05470635135ff25e642dce7f87d9cc87c0d0903ab

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f8dd13b-CDG
access-control-allow-origin: *
content-length: 26007
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 21.png
api.maptiler.com/maps/bright/256/6/30/ 9 KB
10 KB 142ms
129ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/30/21.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7373b7d319b2a6e6538cd8feb9df0d73744aaae08a46e346720281dc729ccccc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f82d13b-CDG
access-control-allow-origin: *
content-length: 9557
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 21.png
api.maptiler.com/maps/bright/256/6/33/ 25 KB
25 KB 140ms
126ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/33/21.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98e9dd1db855a7165e03eab9d0f9d1230a2a44333c7c9c4691881b6b566d8ea

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f80d13b-CDG
access-control-allow-origin: *
content-length: 25599
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 23.png
api.maptiler.com/maps/bright/256/6/30/ 12 KB
12 KB 123ms
110ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/30/23.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309e001d11fe28492fab4c1cb55f43496e3d4e82c3e1f9ed17d3516da600a2db

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f7dd13b-CDG
access-control-allow-origin: *
content-length: 12335
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 23.png
api.maptiler.com/maps/bright/256/6/33/ 27 KB
27 KB 489ms
476ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/33/23.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebaa9b97319c4686f3a7e9cf00ae4965b281a066a550c3faa74d352d12370d5

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: MISS
cf-ray: 8cda3c461f86d13b-CDG
access-control-allow-origin: *
content-length: 27471
date: Sat, 05 Oct 2024 03:13:23 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 20.png
api.maptiler.com/maps/bright/256/6/31/ 23 KB
23 KB 99ms
87ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/31/20.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e345699021ff9cb189b570e0dd87444ff5c2845c0bd0ca6b0cefb4109f105503

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f83d13b-CDG
access-control-allow-origin: *
content-length: 23690
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 20.png
api.maptiler.com/maps/bright/256/6/32/ 9 KB
9 KB 206ms
193ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/32/20.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fa9c8030158cb2dc570e21d9952c77f3d4cee78e6a40662aa1f5d0e73dd358b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f8bd13b-CDG
access-control-allow-origin: *
content-length: 8922
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 24.png
api.maptiler.com/maps/bright/256/6/31/ 21 KB
21 KB 143ms
130ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/31/24.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5642f3c7fe8044ebdbf5e49b8b19d1776b5b5e7ac221fe311dda924299aa7215

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f84d13b-CDG
access-control-allow-origin: *
content-length: 21604
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 24.png
api.maptiler.com/maps/bright/256/6/32/ 18 KB
19 KB 208ms
195ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/32/24.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 007b5f49bc37529352ace6cd85c472f316bc19b19287e1f5354c48b2cb3429c3

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f89d13b-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 18631
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 20.png
api.maptiler.com/maps/bright/256/6/30/ 17 KB
17 KB 191ms
177ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/30/20.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5774750a477f9c52dec82392c2599305968964a8b5ea044f2eeb4dbfeb4708

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f85d13b-CDG
access-control-allow-origin: *
content-length: 17339
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 20.png
api.maptiler.com/maps/bright/256/6/33/ 18 KB
18 KB 141ms
128ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/33/20.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0254ad68055aeeac863e38441c399e3ba2e633262486071fa9007f56878ae615

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f81d13b-CDG
access-control-allow-origin: *
content-length: 18418
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 24.png
api.maptiler.com/maps/bright/256/6/30/ 15 KB
15 KB 209ms
195ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/30/24.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a4c70b845c9bfb9dae58bf2c3b50a0b97456160a86c457590b7b9d02551f34

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f8cd13b-CDG
access-control-allow-origin: *
content-length: 14899
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 24.png
api.maptiler.com/maps/bright/256/6/33/ 19 KB
19 KB 210ms
197ms Image
image/png 104.17.245.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.maptiler.com/maps/bright/256/6/33/24.png?key=00KOKzzPlUpyyXF8DLuU
Requested by: Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.245.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd04958437ce0a6beefca5c9330b2e49e69eef20abb437fef5dc2aff247b1e51

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: public, max-age=14400
x-maptiler-free: 1
cf-cache-status: HIT
cf-ray: 8cda3c461f8ad13b-CDG
access-control-allow-origin: *
content-length: 19596
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 12:55:33 GMT
vary: Origin, User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ 409 KB
136 KB 49ms
49ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6460175736944505&plah=leloftdenimes.fr

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

62c45fd689eb8164f590b87fb4f88846706cd500dd9c82b4a0bb6686b0826eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

content-encoding: br
etag: 8236194289587569174
x-content-type-options: nosniff
expires: Sat, 05 Oct 2024 03:13:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 05 Oct 2024 03:13:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 139503
x-xss-protection: 0
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
419 B 34ms
33ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=499376771&t=pageview&_s=1&dl=https%3A%2F%2Fleloftdenimes.fr%2F&ul=fr-fr&de=UTF-8&dt=R%C3%A9servez%20en%20France%20%3A%20h%C3%B4tels%20de%20luxe%2C%20g%C3%AEtes%2C%20auberges%20%C3%A9conomiques.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=754019370&gjid=113781360&cid=913619865.1728098003&tid=UA-3412385-15&_gid=616827263.1728098003&_r=1&gtm=457e4a20za200zb870626028&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&jsscut=1&npa=1&z=89917612

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://leloftdenimes.fr/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 03:13:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://leloftdenimes.fr
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame 65DF 0
0 75ms
26ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6460175736944505&plah=leloftdenimes.fr

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leloftdenimes.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

age: 41941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Oct 2024 15:34:22 GMT
etag: 13108003645644964576
expires: Fri, 18 Oct 2024 15:34:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 34ms
33ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookiesInfo&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 05 Oct 2024 03:13:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 34ms
34ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: leloftdenimes.fr
URL: https://leloftdenimes.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 05 Oct 2024 03:13:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 403 ads
googleads.g.doubleclick.net/pagead/ Frame D7D2 0
0 93ms
46ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6460175736944505&output=html&adk=293675617&adf=814277786&abgtt=1&lmt=1728098003&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fleloftdenimes.fr%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728098002869&bpp=3&bdt=471&idt=387&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1432867131818&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95330278%2C95342015%2C95343328%2C95344189&oid=2&pvsid=3938618795778520&tmod=834775790&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=399

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leloftdenimes.fr/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Oct 2024 03:13:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
googleads.g.doubleclick.net/pagead/ Frame 3D61 0
0 94ms
47ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6460175736944505&output=html&h=170&slotname=3136731869&adk=3992575858&adf=3915612545&pi=t.ma~as.3136731869&w=840&abgtt=1&lmt=1728098003&rafmt=11&format=840x170&url=https%3A%2F%2Fleloftdenimes.fr%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728098002872&bpp=1&bdt=474&idt=404&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1432867131818&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=2960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95330278%2C95342015%2C95343328%2C95344189&oid=2&pvsid=3938618795778520&tmod=834775790&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=409

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leloftdenimes.fr/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Oct 2024 03:13:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 free-v4-shims.min.js Show response
ka-f.fontawesome.com/releases/v6.6.0/js/ 26 KB
8 KB 609ms
561ms Fetch
application/javascript 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/js/free-v4-shims.min.js?token=ca2eb027fc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/ca2eb027fc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d3c270d11f878588282e68881ba90da90d33d72ef0e9bd6327d6fb48940158

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"21bf79edda3e482c2b8b61abe912efa7"
age: 844937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PoSu8i8LJ2lEO8sHwbOGhPdVO%2BCxIobjU0GkwiLoFyFMXW3VziIz2s%2Bn%2Fj188qHXnNXMs4%2F2iLO%2Fn3StPqEUjL6vrq%2FA24CBp6zZidMYItDa8Q6T6qizmoRzBkN6vHzHOJutXQByw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: pd6d3Vz4mQiBkS2mFlcD-Vxo0EPKU7eYL1pCsmjHnwhfgvK3jQQogg==
date: Sat, 05 Oct 2024 03:13:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
vary: Accept-Encoding
access-control-allow-headers: fa-kit-token
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
cf-ray: 8cda3c48eede2a44-CDG
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 free.min.js Show response
ka-f.fontawesome.com/releases/v6.6.0/js/ 1 MB
532 KB 75ms
28ms Fetch
application/javascript 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/js/free.min.js?token=ca2eb027fc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/ca2eb027fc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fcaadfdbe503bb5e357bcad3c8e0645f476c38aecbc1c4cf0f57de22647028f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"05d04dcb288090d38627e23ea63d3a65"
age: 844937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jR5itN3DRuRr8wjvwORwEIHRO7WtElHCw9xsqGIfdBYaXrqFeLnbrtoRvgG1eTuFxi7bn2sPiKGVGKxEiHvuHA8meiP2yLXA8dL5Csob4Dmp%2FOwjquLLsHsXmCmfHlaqzcBLEirkmg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: TD4W3L9UwO5Otaa8wot2OPJ4H0RZuTVZpawFlEer4A2Db-5IoatD2w==
date: Sat, 05 Oct 2024 03:13:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
vary: Accept-Encoding
access-control-allow-headers: fa-kit-token
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 fd000a128e6bb534d86b423d2d506d52.cloudfront.net (CloudFront)
cf-ray: 8cda3c48eedd2a44-CDG
access-control-allow-origin: *
x-amz-cf-pop: CDG52-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 93ms
42ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241001&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

61bb6f2979c45ad8e63691354800dc3f15b368023a6f9baf4af232e577c4b5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12799
date: Sat, 05 Oct 2024 03:13:23 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK favicon.ico
leloftdenimes.fr/ 1 KB
1 KB 21ms
21ms Other
image/x-icon 2a02:4780:28:34f8::1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://leloftdenimes.fr/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:28:34f8::1 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: 13c8c54c9dc7b09f6d64727f6db053782404722c0763c634c5884b2d4ecdeebc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1192
Keep-Alive: timeout=15, max=98
Date: Sat, 05 Oct 2024 03:13:23 GMT
Last-Modified: Mon, 08 Apr 2024 06:37:00 GMT
Content-Type: image/x-icon
Server: Apache

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 113ms
48ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 05 Oct 2024 03:13:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 03:13:23 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 8DA3 0
0 80ms
25ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leloftdenimes.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

accept-ranges: bytes
age: 2164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Oct 2024 02:37:19 GMT
expires: Sat, 05 Oct 2024 03:27:19 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 52C6 0
0 90ms
39ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-31rnYh89e-Obf3Yg8NMEjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leloftdenimes.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-31rnYh89e-Obf3Yg8NMEjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Oct 2024 03:13:23 GMT
expires: Sat, 05 Oct 2024 03:13:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 25ms
25ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-450R68E3M3&gtm=45je4a20v870626028za200&_p=1728098002473&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=913619865.1728098003&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728098002&sct=1&seg=0&dl=https%3A%2F%2Fleloftdenimes.fr%2F&dt=R%C3%A9servez%20en%20France%20%3A%20h%C3%B4tels%20de%20luxe%2C%20g%C3%AEtes%2C%20auberges%20%C3%A9conomiques.&en=scroll&epn.percent_scrolled=90&_et=18&tfd=7309
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-450R68E3M3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://leloftdenimes.fr/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://leloftdenimes.fr
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 03:13:27 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241001&jk=3938618795778520&bg=!Pj2lPXLNAAax3igvkd47ADQBe5WfOJuHpTYU2oVsNKtZXyY0vLnYm_0mQmXc0ptljE8JFNTueksJrOxoep9d1njRcxDeAgAAADZSAAAAAmgBB34ANroV-2GsB7bD6k_hRtoDgy7WP-EwnDRI7saJaaaqchCbFbpctIpVoLmSmSrG4SfA_8VhmTlJxZkCtVQw5RZZQCzllPprjI8bmfITTiBwhHI0jXxzhm2u8foibv9rJOXIIkuX0WO-zH7jIQ9hl6BKbNLyb0UWSJzliJ63o9uDarSCHV_nXJAy_4Wf9ta2GOUzQgKdJkLlrQofYUcBQyYbk199yfVwjvQmbb91w8bNYZ3cb-hdFm_K7s9u0kd6sZi5L6JuKkcGRiWtQAoQDSLEry-CMiygzt3iXUvo8ZFScf2jeYKJ3neYGLBNV_Q8rMlX2nDI3rCwIQ52IxGbApHpCfB4WTLnfVV03mPr21w0z3HeKiv-ek9ElydPIgh_jEHz8J9oPUEBsyN3fyX2h1qcT9BM9ogZzIL_w10jpWu7YGVoGzXF-eVGMXzDzO2gzMJjRs4xGQrZhBsaYtZTofAFRZsTqGtzYOW9ntlE2bDoP12BBgyOG7IVMf1gIqrW72EySNCnBNW6JHVMyPYxqeaKYq2Igkfz_f1cn1pNTf-103BPgfnAB-9KkUrZL9uPKSS5DgHIsvF2Le8aj6hDBmqG4u0XAIe5bkG6XsSo1BblAgHVf8TZfv9iXT39U07JEfcRTMrvfPC9VL6mNnTqk3BC07Ct6lQGJBKblY03hrL8Pms364_92IN5FRa_q8N2ZQ0nLtgegAwGCTpW1VzdY5_xOfg1eRdSmh2EKbUzd5r9IxVok25GjdmMi2wzYT8xyJbajrE7ALsWgrJGJJPUTeF1FypsxXeyv0_bwoFW8mLj8h4kin_nNUQFtsL94pLYpsy_DfkEPqSdUN0ppwM4_V2hCmNzsruOLluILQZCw2HxyFaX4S06PWcb6kjAjKZqb0afTBLC0mfEg-v2PPLkHZFu3UHbv_VEwgSyOyOL41qr69_5IwGufWLDxBpj4qC0gdPe-JQGRki1NlyBVDeqYsiSgLPZY-hGFptxomZBfTxK6Q

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
leloftdenimes.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 77e183826537983cfae4341913d10dfc
.leloftdenimes.fr/	1970-01-21 09:37:38	Name: _ga_450R68E3M3 Value: GS1.1.1728098002.1.0.1728098002.0.0.0
.leloftdenimes.fr/	1970-01-21 09:37:38	Name: _ga Value: GA1.2.913619865.1728098003
.leloftdenimes.fr/	1970-01-21 00:03:04	Name: _gid Value: GA1.2.616827263.1728098003
.leloftdenimes.fr/	1970-01-21 00:01:38	Name: _gat_gtag_UA_3412385_15 Value: 1
.maptiler.com/	1969-12-31 23:59:59	Name: _cfuvid Value: VOwD3lUn_Dt4DFtBs0PxWyhR__WF5psUs62ViX6ygzw-1728098003352-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.maptiler.com
cdnjs.cloudflare.com
code.jquery.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
leloftdenimes.fr
pagead2.googlesyndication.com
pp8.pportale.pl
pportale.pl
q-xx.bstatic.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.245.40
104.17.25.14
109.95.157.167
142.250.184.228
142.250.185.226
142.250.186.130
172.67.139.119
2001:4860:4802:32::36
2600:9000:266e:f600:5:bf05:acc0:93a1
2606:4700:4400::ac40:93bc
2a00:1450:4001:806::200e
2a00:1450:4001:810::2001
2a00:1450:4001:831::2008
2a02:4780:28:34f8::1
2a04:4e42:400::649
77.37.120.168
007b5f49bc37529352ace6cd85c472f316bc19b19287e1f5354c48b2cb3429c3
0101c5c18a248992c008a7c44a78ad27e62e8531751481a844e64bd28876bbc4
0254ad68055aeeac863e38441c399e3ba2e633262486071fa9007f56878ae615
0383fba1569a29c1e7b8108a593788653cfd72897fe5b07d149e572414106cc1
0dc5cbc9e6ba7eb1abf630f2f2e917e3311c03f97e7a41c72545592a436710c4
104ad96a6b8b79f5276cc0506ec12abb55126be6ed476a08942a4125bc83e3f8
13b806ea55cda0cb9726cb05cd48236e6f20d07b91f46cd1e24a71e0b0993002
13c8c54c9dc7b09f6d64727f6db053782404722c0763c634c5884b2d4ecdeebc
1ede050f7e528524093baea39d458313b0326825f9a01d75edec33d16f3749dc
2324db3594059f07efe8eb7a1f458675bfda6c41c4a0118e786c50ddc44bab37
248a9b4d5944525f37ded5253c536d4097c2f9e09265dc42ebb91aeef89c0d86
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2d687359a406651b1616bac9c60fba667f134fce24d3fb6bb621c173aa9c1a96
2e497b3b3d03a9ceb2c70e7c4b52fdddf8db347afd852b2271b397dfa89c1ae0
2e7cc07cd97f90b78ac849458d227bd1feb0e2f7535fe7d6c5551fff557f2ad2
2fcaadfdbe503bb5e357bcad3c8e0645f476c38aecbc1c4cf0f57de22647028f
309e001d11fe28492fab4c1cb55f43496e3d4e82c3e1f9ed17d3516da600a2db
32aec62a60f83c6b363294ef277b310c67ba99fab770b27c6ec5154326b78d54
4487af98036da41c15053efcf2747d1345f4b4028925e7110bfb6d821826e5bc
4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3
4d5fe5fa9419c93cc3afe0be75e4c2ae5b49778d861459f3216aa0bcd0d751ff
5642f3c7fe8044ebdbf5e49b8b19d1776b5b5e7ac221fe311dda924299aa7215
58be871df61f6c512464e15db0941e63b9491bf1396a2ae3bea6f39e0854cd1c
5bedea6b90ff250214411d832a0aa1e005f8d8448cd4a8cdbda7ea5a182eccbd
5ebaa9b97319c4686f3a7e9cf00ae4965b281a066a550c3faa74d352d12370d5
61bb6f2979c45ad8e63691354800dc3f15b368023a6f9baf4af232e577c4b5c2
627f0b90c2bac494bf5f6b15661ac53e4dad29521bedca77c72912d930b6decd
62c45fd689eb8164f590b87fb4f88846706cd500dd9c82b4a0bb6686b0826eba
670c98e985e97b085deb3fc4c2ef7c836cf3f20561fd28830c8810d8c86071db
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff67e95ff672f978dfc41b1283d083c2c89ad30cd244334d0456c8082ea4d55
70687998314c27942ea241bbe9929c05acad1074dc1c93a24d7872c70a241319
710fee0a0d6637b31e9bfb0feee9397bfdaea0ff3547b46350fd7e334d72a692
7373b7d319b2a6e6538cd8feb9df0d73744aaae08a46e346720281dc729ccccc
75c20f6fe3ba86c27d958ce544e19861bba6b40d1c502fd16c60bbf369296b05
76a4c70b845c9bfb9dae58bf2c3b50a0b97456160a86c457590b7b9d02551f34
81d57ba3c3923729a1eb711401ced2e306a1ae04b4dda230d351b23ba26b0bb2
8783c53b44bd6a4bfa8d0e312d97a1372073064d9fa001a742e9b16cb38d89fb
91aa206161d00bfb827b946a2b27d51848c8498fab8a24e7610d244ddbc5855b
924eadbdd758ffcbd597f77bfcc2fde86c225f56da4787f66a51a160ebb286f1
95d3c270d11f878588282e68881ba90da90d33d72ef0e9bd6327d6fb48940158
99791dd6259fdfdba2ac9c0061b4bfcab5bcff0b756c0d400362d88e660e9717
9a57ef76f4ac241190f8d996cdb39b5d884531c2c44885e8dee99c2eddd94eb0
9de9187e62c46fe78891d34c87bbf010a9f41c31603eb75bcfc95971391c3923
9fa9c8030158cb2dc570e21d9952c77f3d4cee78e6a40662aa1f5d0e73dd358b
a18135560fa25ee603f19dd9de5c3de30d14ce6484b2658a723a514598b1697f
ac93c5d3a815eb9720326dcb7ee5919e93b30b55a70bd7f31a0988643555564e
ad9f52810c3a25453162ed8b6efb95d10cdc7ddb5d5b1b7101ed8fb88bbac288
b13c4d905522a788351bed71c60310ba8d0a8fbab6f03c2e04751463893aa9bd
b8142f77b80624f38ffb5afc666d509497fdca1976cb261773dc60b45d40fb15
be0bcbf3e47a96149012f14131f43f9a03d51b10924ba00b441f7a73aac2636e
c3f24c1efcbecb885fb7adf7ff2153c27d9de900979c32eebc7f258295e90031
c88340c7b754ebf1eb2690b05470635135ff25e642dce7f87d9cc87c0d0903ab
cb5774750a477f9c52dec82392c2599305968964a8b5ea044f2eeb4dbfeb4708
cd04958437ce0a6beefca5c9330b2e49e69eef20abb437fef5dc2aff247b1e51
d1904ef6ff9afe4da5cd4de710a9d44b3e9dec94d377589d089ba99648976bc9
d56bf08294f3ede031e7a5bbd64aa56f6d3182fb0843cbd7f61d3277275fadb1
dd01ea659a8676aa3831de12ff41ec6eb57bd174cca2a6ce3184e066e62557f7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e345699021ff9cb189b570e0dd87444ff5c2845c0bd0ca6b0cefb4109f105503
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3910e0b8ae35faa7493f8f7e487f10c2c330bbb8df80851a3d0d22a1887b557
f67472e21ee065c3f8551014c40048d20857ee4cf814dcfc32e32b66e4c91428
f98e9dd1db855a7165e03eab9d0f9d1230a2a44333c7c9c4691881b6b566d8ea
f9b756b96397305917d2ff42bebdce58294f89879f0d0cfd18664fffbc59c5d7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

leloftdenimes.fr Open in urlscan Pro 2a02:4780:28:34f8::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

50 %IPv6

12 Domains

16 Subdomains

17 IPs

5 Countries

3140 kBTransfer

8034 kBSize

6 Cookies

5 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leloftdenimes.fr Open in urlscan Pro
2a02:4780:28:34f8::1 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

50 %
IPv6

12
Domains

16
Subdomains

17
IPs

5
Countries

3140 kB
Transfer

8034 kB
Size

6
Cookies

76 HTTP transactions
0 data transactions