vinsschneider.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vinsschneider.fr.gd/
Submission: On March 08 via api (March 8th 2024, 2:14:56 am UTC) from US — Scanned from US

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 32 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is vinsschneider.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time vinsschneider.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.238.27.28 193.238.27.28	15598 (IPX-AS15598) (IPX-AS15598)
3	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
6	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f08e:219:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	178.162.223.114 178.162.223.114	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2606:4700:303... 2606:4700:3037::ac43:cc74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	18.170.16.112 18.170.16.112	16509 (AMAZON-02) (AMAZON-02)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
2	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
3	3.75.56.58 3.75.56.58	() ()
2	18.193.148.116 18.193.148.116	() ()
3	2607:f8b0:400... 2607:f8b0:4004:c0b::84	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c06::67	() ()
32	15

1 193.238.27.28 (Germany)

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd

vinsschneider.fr.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.223.113 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c0b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f08e:219:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.223.114 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com

img.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:cc74 (United States)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.170.16.112 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-16-112.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

fwd.fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (None, )

ASN- ()

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.148.116 (None, )

ASN- ()

redokan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c0b::84 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::67 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com	227 KB
4	webme.com theme.webme.com img.webme.com — Cisco Umbrella Rank: 720425	48 KB
3	visifeed.org visifeed.org	2 KB
3	fwdtrk.com fwdtrk.com fwd.fwdtrk.com	182 KB
2	redokan.com redokan.com	35 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	89 KB
1	google.com www.google.com	1 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 60854	18 KB
1	asrv205.com asrv205.com	1 KB
1	fr.gd vinsschneider.fr.gd	4 KB
0	xuve.com Failed xuve.com Failed
0	facebook.com Failed www.facebook.com Failed
32	13

	Domain	Requested by
6	pagead2.googlesyndication.com	vinsschneider.fr.gd pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	visifeed.org	fwdtrk.com visifeed.org
3	theme.webme.com	vinsschneider.fr.gd
2	redokan.com	visifeed.org redokan.com
2	fwd.fwdtrk.com	fwdtrk.com fwd.fwdtrk.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	vinsschneider.fr.gd connect.facebook.net
1	www.google.com	tpc.googlesyndication.com
1	fwdtrk.com	asrv205.com
1	track.webgains.com	asrv205.com
1	asrv205.com	vinsschneider.fr.gd
1	img.webme.com	vinsschneider.fr.gd
1	vinsschneider.fr.gd
0	xuve.com Failed	redokan.com
0	www.facebook.com Failed	connect.facebook.net
32	16

This site contains links to these domains. Also see Links.

Domain
www.ma-page.fr

Subject Issuer	Validity	Valid
fr.gd R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
misc.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-16` - `2024-03-15`	3 months	crt.sh
img.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
fwdtrk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
fwd.fwdtrk.com GTS CA 1D4	`2024-02-11` - `2024-05-11`	3 months	crt.sh
visifeed.org R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
redokan.com R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://vinsschneider.fr.gd/
Frame ID: 608D6D884EAFBF76BCC86CCED5726C75
Requests: 13 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 431BE986CDBBA0CE061D7E31AA93A507
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: CE9249306F09F82D72C256C210DF253D
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwOTg2NDA3Nn0%3D
Frame ID: 1EF1C811B76795F0C5E0A1962E75375A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7191390240882656&output=html&adk=1812271804&adf=3025194257&lmt=1709864078&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fvinsschneider.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709864076358&bpp=7&bdt=3028&idt=1979&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7597738269992&frm=20&pv=2&ga_vid=2039118433.1709864078&ga_sid=1709864078&ga_hid=1606944403&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44795921%2C95325753%2C95325976%2C95327082%2C95322180%2C95324160%2C95325784%2C95326430%2C95326922&oid=2&pvsid=445429680164955&tmod=188771331&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=2843
Frame ID: FF0C3E0AE8F5C9930C49364C4E48E9E6
Requests: 1 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b07&ci=yCas%2FRt9&its=9F%5Bt%2ALr5c%3Cb%40%7EQD%3BvjPWbVY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: BC5CCB6D7D325B93B51A129217EDFFC1
Requests: 2 HTTP requests in this frame

Frame: https://xuve.com/de/y?t=reitstiefel-kandel.de&cid=4716e0abf2f3b24692ac64ce1b6d099c3a178e15feabd6ee7934fb1939fc948c&identifier=70db11580586afa8
Frame ID: 258D563C86E81E6ECD41407DD268292A
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=339062219495910&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe34bff650e124665%26domain%3Dvinsschneider.fr.gd%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvinsschneider.fr.gd%252Ffb2154dd1045d4ff4%26relation%3Dparent.parent&container_width=1038&href=https%3A%2F%2Fvinsschneider.fr.gd%2Fhttp%253A%252F%252Fvinsschneider.fr.gd&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=120
Frame ID: F79CA9A7B701671B5956784CD140DDC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78D5620CF5E1D11BFEF59A4402516466
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 162FA2B3F731CF5535167C907908E34C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vins André Schneider & Fils - Accueil

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

32
Requests

91 %
HTTPS

43 %
IPv6

13
Domains

16
Subdomains

15
IPs

4
Countries

612 kB
Transfer

1524 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ma-page.fr/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Ce site web a été créé gratuitement avec Ma-page.fr. Tu veux aussi ton propre site web ? S'inscrire gratuitement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTExIFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://xuve.com/de/y?t=reitstiefel-kandel.de&cid=4716e0abf2f3b24692ac64ce1b6d099c3a178e15feabd6ee7934fb1939fc948c&identifier=70db11580586afa8

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vinsschneider.fr.gd/ 11 KB
4 KB 5987ms
899ms Document
text/html 193.238.27.28
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL: https://vinsschneider.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: 562bf803fbf83c1fe8fef14aac83ba361087dd9aaa121aa6bfa4f35d30df27bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-15
Date: Fri, 08 Mar 2024 02:14:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Via: 1.1 varnish-v4
X-Varnish: 325381988
X-wm-1: b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP: 193.238.27.28
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

GET
H/1.1 200
OK style.css
theme.webme.com/designs/flexible/css/ 9 KB
3 KB 2961ms
93ms Stylesheet
text/css 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.webme.com/designs/flexible/css/style.css
Requested by: Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: daf3c668f974a9d8b1145c5a5ab9b7add34979e366cece3493ea6a9e26b63608

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:14:36 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Content-Encoding: gzip
Last-Modified: Tue, 27 Oct 2020 14:05:25 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 69598
Vary: Accept-Encoding
Content-Type: text/css
X-Varnish: 128241640, 19361829 310457
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3004
Expires: Thu, 18 Apr 2024 06:54:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 998ms
127ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7191390240882656&host=ca-host-pub-1483906849246906

Requested by

Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712c1604f5fa1e639d7ae3013b9dedd1a1ba410f98736e9bf04263cdeaed00e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vinsschneider.fr.gd/
Origin: https://vinsschneider.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51089
x-xss-protection: 0
server: cafe
etag: 3719611375384553559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 08 Mar 2024 02:14:34 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 1904ms
877ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

422963fd4a2916b46f816566e5a983e30e580fea051b2c039e17f0a5eae142b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vinsschneider.fr.gd/
Origin: https://vinsschneider.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 02:14:37 GMT
content-md5: 3McG78LlTVPBB8aiJeCMOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: g7glb/3ZUZ6XfKXn/Q77EDv4jWEt97xFoalspgcnd2n6Bj3GFidfN/KcRirGRwhFge1MUAYBfsShsEcfS+ZyXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3ecb135c8f021c2fa32c32ca49843bdd
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "c54928b0e134432878c50c8c9916b3f6"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 08 Mar 2024 02:25:37 GMT

GET
H/1.1 200
OK sigle.jpg
img.webme.com/pic/v/vinsschneider/ 11 KB
11 KB 2999ms
133ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/v/vinsschneider/sigle.jpg
Requested by: Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 36fd3f46aa7414720605cf6f799a467046be5cd141ac0a40aae3e2463a2608da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:14:36 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Wed, 24 Dec 2014 07:07:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 0
ETag: "549a663c-2ba8"
X-Varnish: 327488421, 19361831
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11176

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame 431B 1 KB
1 KB 910ms
857ms Document
text/html 2606:4700:3037::ac43:cc74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cc74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d2835016380272957b66083950136cc7f3a42adf9571c9f52e3ec5e75f6e9e7

Request headers

Referer: https://vinsschneider.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 860f500d4aa9c470-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 02:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNfxAKvV2Pq24hEdgA2KT4vt0sUlPU9t5ilkPyoWMbT8TG4kCLrTQWicFs9DZ8LxjrBPitzYIWlk8J3z5FCO%2Frt8aQtcfg8k5Tbyv2MYfwG8NhnOpJYHJTU2o7NCgWUPfOMjRrf%2FL%2Bjsmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK white_lines.jpg
theme.webme.com/designs/globals/background/ 2 KB
2 KB 909ms
907ms Image
image/jpeg 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/globals/background/white_lines.jpg
Requested by: Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 0f02547f1526f0cabfc9f730c0a8e99c794e9d471d2e2f8c3c14a5abd351b6b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:14:36 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:44 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 39848
Content-Type: image/jpeg
X-Varnish: 184176783, 19361834 7402613
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1602
Expires: Thu, 18 Apr 2024 15:10:27 GMT

GET
H/1.1 200
OK natur.jpg
theme.webme.com/designs/globals/header/1000x300/ 31 KB
31 KB 1996ms
1075ms Image
image/jpeg 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/globals/header/1000x300/natur.jpg
Requested by: Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: e3ae648b5c60f52a9f1671d5daf1504dc464a09dab1cc78662a4c13c52530983

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:14:37 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Mon, 14 Dec 2015 11:30:06 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 24546
Content-Type: image/jpeg
X-Varnish: 294362942, 19688665 16953145
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31759
Expires: Thu, 18 Apr 2024 19:25:31 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/ 405 KB
137 KB 1846ms
966ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7191390240882656&host=ca-host-pub-1483906849246906

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a89310a7c98b325b1c58eb439b11661b6936adb53c648778e885f9dadac368cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140431
x-xss-protection: 0
server: cafe
etag: 6328401081580280787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 02:14:37 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame CE92 9 KB
4 KB 1955ms
18ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7191390240882656&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vinsschneider.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 07:20:04 GMT
etag: 5035419970550746386
expires: Thu, 21 Mar 2024 07:20:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 link.html
track.webgains.com/ Frame 431B 17 KB
18 KB 2057ms
133ms Image
image/gif 18.170.16.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wglinkid=4576268&wgcampaignid=1700378
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.16.112 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-16-112.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: fd47d3aa385921aca06c1f1fcc0a1455ddbb66820dc261dbd823c07daf4cd6fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:14:39 GMT
last-modified: Fri, 08 Mar 2024 02:14:39 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 08 Mar 2024 02:15:39 GMT

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN... Show response
fwdtrk.com/track/ Frame 1EF1 1 KB
2 KB 2010ms
102ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwOTg2NDA3Nn0%3D
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 02:14:39 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
86 KB 90ms
83ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=25c1d0eeeab9e0f542ddfbacf42dba99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d837db0e8f5ba4bebb708f985749985e021fb4541386ee28e5bec5d534d1975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vinsschneider.fr.gd/
Origin: https://vinsschneider.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 02:14:38 GMT
content-md5: 6NZIsmVAi8Fv+QSIboPnMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87208
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: OYJd/LCPcT5HBFf/HFnnT3wyFK2TJSR6vn4nuroQbCsmfLgAsciUI4UQ8rCmb6HoW6HY8o3lqkU3RL2WWOxFlw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3211ce5dceb87127bf3f35b0523187d9
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "242969b2d477fa3b6fb5bb6891e0c8e5"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 08 Mar 2025 01:24:58 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF0C 603 B
218 B 106ms
103ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7191390240882656&output=html&adk=1812271804&adf=3025194257&lmt=1709864078&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fvinsschneider.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709864076358&bpp=7&bdt=3028&idt=1979&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7597738269992&frm=20&pv=2&ga_vid=2039118433.1709864078&ga_sid=1709864078&ga_hid=1606944403&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44795921%2C95325753%2C95325976%2C95327082%2C95322180%2C95324160%2C95325784%2C95326430%2C95326922&oid=2&pvsid=445429680164955&tmod=188771331&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=2843

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vinsschneider.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 02:14:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: vinsschneider.fr.gd
URL: https://vinsschneider.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:14:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track Show response
fwd.fwdtrk.com/ Frame 1EF1 189 KB
76 KB 1835ms
941ms Script
application/javascript 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fwd.fwdtrk.com/track?id=

Requested by

Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwOTg2NDA3Nn0%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

Google Tag Manager /

Resource Hash

9d01161f8253c8fdee3e15ba4f415f78919a369f9e86b1b6c5ede86e92268ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fwdtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:14:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 00:09:27 GMT
server: Google Tag Manager
via: 1.1 google
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
x-xss-protection: 0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame BC5C 405 B
738 B 1113ms
117ms Document
text/html 3.75.56.58

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMiwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwOTg2NDA3Nn0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: a99571b2adda42c6ed7ae46e91bbe48e05281acd6ea178141e98c5af56423418

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 02:14:42 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 js Show response
fwd.fwdtrk.com/gtag/ Frame 1EF1 268 KB
104 KB 1924ms
1923ms Script
application/javascript 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fwd.fwdtrk.com/gtag/js?id=G-B6LHGYT55G&l=dataLayer&cx=c
Requested by: Host: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2015.1e100.net
Software: /
Resource Hash: 9358bb166443deb9ad5d10d4c6a3fc8cf3f16fa95700bf7e1a81d7e50a834cf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fwdtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
date: Fri, 08 Mar 2024 02:14:42 GMT
cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
expires: Fri, 08 Mar 2024 02:29:01 GMT

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame BC5C 410 B
734 B 857ms
856ms Document
text/html 3.75.56.58

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b07&ci=yCas%2FRt9&its=9F%5Bt%2ALr5c%3Cb%40%7EQD%3BvjPWbVY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 89766f81b1c2c0a597afc0d2b17d3cd227b6fe5357faaefcae681a1a2e39b7f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 02:14:42 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 258D 342 B
666 B 117ms
116ms Document
text/html 3.75.56.58

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b00&ci=yCas%2FRt9&its=9F%5Bt%2ALr5c%3Cb%40%7EQD%3BvjPWbVY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b07&ci=yCas%2FRt9&its=9F%5Bt%2ALr5c%3Cb%40%7EQD%3BvjPWbVY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: d0e5d81ebc430b93d0de7b4881740df3901d094e672cfb947713fa36a1a05fdd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 02:14:43 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK redirect Show response
redokan.com/ Frame 258D 2 KB
1 KB 3845ms
897ms Document
text/html 18.193.148.116

General

Check archive.org

Show headers Download Go to

Full URL: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b00&ci=yCas%2FRt9&its=9F%5Bt%2ALr5c%3Cb%40%7EQD%3BvjPWbVY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.148.116 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / PHP/8.2.16
Resource Hash: e811c4e44b6a07f01bed3e2e25383a6932f17b8a47919d7c7db45b542cc8b226

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 02:14:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/8.2.16

GET
H/1.1 200
OK fp.min.js Show response
redokan.com/js/ Frame 258D 34 KB
34 KB 987ms
987ms Script
application/javascript 18.193.148.116

General

Check archive.org

Show headers Download Go to

Full URL: https://redokan.com/js/fp.min.js
Requested by: Host: redokan.com
URL: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.148.116 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:14:47 GMT
Last-Modified: Tue, 27 Feb 2024 11:09:21 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Etag: W/"65ddc2e1-864c"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 1960ms
1959ms XHR
application/json 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbf53fdb7ec28b4554225b06a14993a9d6d422e67bad2e694e6e8018e3991fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:14:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12220
x-xss-protection: 0

GET like.php
www.facebook.com/v11.0/plugins/ Frame F79C 0
0

GET

y
xuve.com/de/ Frame 258D
Redirect Chain

https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=232d7d394c52de2329b28c81abd17851df31c03a9d23405e93ed3cb0249b2b00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp...
https://xuve.com/de/y?t=reitstiefel-kandel.de&cid=4716e0abf2f3b24692ac64ce1b6d099c3a178e15feabd6ee7934fb1939fc948c&identifier=70db11580586afa8

0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 953ms
17ms Script
text/javascript 2607:f8b0:4004:c0b::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 02:14:51 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78D5 13 KB
5 KB 18ms
17ms Document
text/html 2607:f8b0:4004:c0b::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vinsschneider.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 12984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 22:38:27 GMT
expires: Fri, 07 Mar 2025 22:38:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 162F 829 B
1 KB 86ms
51ms Document
text/html 2607:f8b0:4004:c06::67

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::67 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

d6ce652bc293c62f7be65c6bd0921eeb454ce4bae9922c4969daaafac393a9fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3mYunNA9V6wVefhYBS6oZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vinsschneider.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3mYunNA9V6wVefhYBS6oZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 02:14:51 GMT
expires: Fri, 08 Mar 2024 02:14:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 78D5 39 KB
15 KB 20ms
19ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Mar 2025 22:52:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 78D5 0
10 B 21ms
20ms Image
text/plain 2607:f8b0:4004:c0b::84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nq1HcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:14:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=445429680164955&bg=!6eql6qXNAAZsmiNCTJo7ADQBe5WfOCeYck03N7rYEaADw95mllnhGc58k8XGQ-k0oKhvt3TrYsyE5KQnezr-Iv9DHxXxAgAAA75SAAAABmgBB5kCwVdGSLTMKeu9F_xdc-F3n06E84MJp6A6WUlyb4GGm9zwzQtiW4Fa2693otJPQVd0yHbDYu068AJnqywMkj-zKXrIjayS6CFVtplXhiFj_sIqrGQ-cbxrUBxn1EfDmxFi2PVTu6lf9DkhXUycPcVToQ8_9HF0revDFLqrqkIWqay71W68-jputJz2O9R9rcU5KR7h3J83-ia8Uz3M64_uiBVz_i2KhpPef7KVpRVqsfruucmREwiVLj0Q9OYdnvBfz-pVk6RuYIk7qo1dviSJ8HSN738BltBSo9lqe3hDB_8EZPSWqM8mgtftryrLhtd4hHUbidCoJNHIB_uFVjQYOXYGdaBXluHoZ-q9dtHH6ZXpcQY1M_O6m2wG6oVTAItH_vRZTRysjKz3ePsmYKHez1qkGkdya55f4nDkcvqRkXKBGTPefKn_ALKGlJD2mnmsHKIEnhr6dSh3BH7ndDp9gKA8w2PhwghiT6mAn9vy_p3mSz79_gT3LbHSAiMIwmXqqahilv3h5xyvNj0A1EvCUtpZMZjRgjOM1I-HaaNEkFmcnWGChUySJ-NglrYhBSNqpPDIj3OwSxMQ6UAtWpcJHCZEij4fXFA7Qw5V8UrmjXWe6NaaNT1422Wn-GdgppvWnvrFeNLcgi8Rtf7Ui_DW0ZBwrWLXDcWJmJuE_gF2Vod9b5Q4xUsG45_s_7xlKcje4-FQg0H0zYz0euoqOwkJvIoGbeAj853Q5Io7OXpGwsQE63oxrCUSQKG_JVW-NhtfpnLegmOETNkEg5yQ7D4QcoPlOw_EJEKMVVfmBTK9p7mbt7zS86_uvKgrXE1DFVy4j_K6xRSIJl-GuM_TVAvDljgX0ip9XdxPHETjniasMpgNic0gdwPfiDKROoBEbrBq3pjnZP0wMrXBr_A7qU4cO3yt578Y85vqfPvktmhJeJMvOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vinsschneider.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 162F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=339062219495910&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe34bff650e124665%26domain%3Dvinsschneider.fr.gd%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvinsschneider.fr.gd%252Ffb2154dd1045d4ff4%26relation%3Dparent.parent&container_width=1038&href=https%3A%2F%2Fvinsschneider.fr.gd%2Fhttp%253A%252F%252Fvinsschneider.fr.gd&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=120

Domain: xuve.com
URL: https://xuve.com/de/y?t=reitstiefel-kandel.de&cid=4716e0abf2f3b24692ac64ce1b6d099c3a178e15feabd6ee7934fb1939fc948c&identifier=70db11580586afa8

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=445429680164955&rc=

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vinsschneider.fr.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: 74266cd781c2fe349d06abfa16dd9951
			.doubleclick.net/	1970-01-20 18:57:44	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7191390240882656&output=html&adk=1812271804&adf=3025194257&lmt=1709864078&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fvinsschneider.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709864076358&bpp=7&bdt=3028&idt=1979&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7597738269992&frm=20&pv=2&ga_vid=2039118433.1709864078&ga_sid=1709864078&ga_hid=1606944403&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C44795921%2C95325753%2C95325976%2C95327082%2C95322180%2C95324160%2C95325784%2C95326430%2C95326922&oid=2&pvsid=445429680164955&tmod=188771331&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=2843 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://vinsschneider.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asrv205.com
connect.facebook.net
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
img.webme.com
pagead2.googlesyndication.com
redokan.com
theme.webme.com
tpc.googlesyndication.com
track.webgains.com
vinsschneider.fr.gd
visifeed.org
www.facebook.com
www.google.com
xuve.com
pagead2.googlesyndication.com
www.facebook.com
xuve.com
176.9.183.55
178.162.223.113
178.162.223.114
18.170.16.112
18.193.148.116
193.238.27.28
216.239.32.21
2606:4700:3037::ac43:cc74
2607:f8b0:4004:c06::67
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c0b::9d
2607:f8b0:4004:c1b::9c
2a03:2880:f08e:219:face:b00c:0:3
3.75.56.58
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0d837db0e8f5ba4bebb708f985749985e021fb4541386ee28e5bec5d534d1975
0f02547f1526f0cabfc9f730c0a8e99c794e9d471d2e2f8c3c14a5abd351b6b0
36fd3f46aa7414720605cf6f799a467046be5cd141ac0a40aae3e2463a2608da
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
422963fd4a2916b46f816566e5a983e30e580fea051b2c039e17f0a5eae142b4
4d2835016380272957b66083950136cc7f3a42adf9571c9f52e3ec5e75f6e9e7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562bf803fbf83c1fe8fef14aac83ba361087dd9aaa121aa6bfa4f35d30df27bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
712c1604f5fa1e639d7ae3013b9dedd1a1ba410f98736e9bf04263cdeaed00e0
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
89766f81b1c2c0a597afc0d2b17d3cd227b6fe5357faaefcae681a1a2e39b7f2
9358bb166443deb9ad5d10d4c6a3fc8cf3f16fa95700bf7e1a81d7e50a834cf7
9d01161f8253c8fdee3e15ba4f415f78919a369f9e86b1b6c5ede86e92268ab1
a89310a7c98b325b1c58eb439b11661b6936adb53c648778e885f9dadac368cf
a99571b2adda42c6ed7ae46e91bbe48e05281acd6ea178141e98c5af56423418
d0e5d81ebc430b93d0de7b4881740df3901d094e672cfb947713fa36a1a05fdd
d6ce652bc293c62f7be65c6bd0921eeb454ce4bae9922c4969daaafac393a9fa
daf3c668f974a9d8b1145c5a5ab9b7add34979e366cece3493ea6a9e26b63608
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3ae648b5c60f52a9f1671d5daf1504dc464a09dab1cc78662a4c13c52530983
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e811c4e44b6a07f01bed3e2e25383a6932f17b8a47919d7c7db45b542cc8b226
fbf53fdb7ec28b4554225b06a14993a9d6d422e67bad2e694e6e8018e3991fcd
fd47d3aa385921aca06c1f1fcc0a1455ddbb66820dc261dbd823c07daf4cd6fe

vinsschneider.fr.gd Open in urlscan Pro 193.238.27.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

91 %HTTPS

43 %IPv6

13 Domains

16 Subdomains

15 IPs

4 Countries

612 kBTransfer

1524 kBSize

2 Cookies

1 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

vinsschneider.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

91 %
HTTPS

43 %
IPv6

13
Domains

16
Subdomains

15
IPs

4
Countries

612 kB
Transfer

1524 kB
Size

2
Cookies

32 HTTP transactions
0 data transactions