clients-devis.scripts-webmasters.ovh Open in urlscan Pro
82.223.216.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clients-devis.scripts-webmasters.ovh/
Submission: On November 19 via automatic, source certstream-suspicious (November 19th 2020, 10:32:16 pm UTC)

Summary HTTP 59 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 19 IPs in 7 countries across 17 domains to perform 59 HTTP transactions. The main IP is 82.223.216.143, located in Spain and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is clients-devis.scripts-webmasters.ovh.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 19th 2020. Valid for: 3 months.

This is the only time clients-devis.scripts-webmasters.ovh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	82.223.216.143 82.223.216.143	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
5	91.226.182.227 91.226.182.227	56693 (TWOTOWN) (TWOTOWN)
1	84.17.59.5 84.17.59.5	60068 (CDN77) (CDN77)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	51.91.223.86 51.91.223.86	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
2	91.226.182.121 91.226.182.121	56693 (TWOTOWN) (TWOTOWN)
1	216.59.56.9 216.59.56.9	53334 (TUT-AS) (TUT-AS)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
59	19

21 82.223.216.143 (Spain)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: hosting.scripts-webmasters.net

clients-devis.scripts-webmasters.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-site.scripts-webmasters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
css-site.scripts-webmasters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pictos.scripts-webmasters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fnd-site.scripts-webmasters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-rgpd.scripts-webmasters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-carpediem.scripts-webmasters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.226.182.227 (Amsterdam, Netherlands)

ASN56693 (TWOTOWN, BG)
PTR: vip2.direction-x.com

direction-x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sitesmagiques.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.59.5 (United Kingdom)

ASN60068 (CDN77, GB)
PTR: milan-2.cdn77.com

www.displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.91.223.86 (France)

ASN16276 (OVH, FR)
PTR: logicielreferencement.com

www.logicielreferencement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

whfo0nrrr4au.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.226.182.121 (Amsterdam, Netherlands)

ASN56693 (TWOTOWN, BG)
PTR: oopt.fr

regie.oopt.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.56.9 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	scripts-webmasters.net js-site.scripts-webmasters.net css-site.scripts-webmasters.net pictos.scripts-webmasters.net fnd-site.scripts-webmasters.net js-rgpd.scripts-webmasters.net js-carpediem.scripts-webmasters.net	65 KB
8	adsco.re c.adsco.re adsco.re 6.adsco.re whfo0nrrr4au.l.adsco.re whfo0nrrr4au.n.adsco.re Failed whfo0nrrr4au.s.adsco.re Failed	16 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	145 KB
3	direction-x.com direction-x.com
2	oopt.fr regie.oopt.fr	17 KB
2	facebook.net connect.facebook.net	62 KB
2	doubleclick.net googleads.g.doubleclick.net
2	sitesmagiques.com sitesmagiques.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	displayvertising.com www.displayvertising.com displayvertising.com	9 KB
2	googletagmanager.com www.googletagmanager.com	38 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	648 B
1	logicielreferencement.com www.logicielreferencement.com
1	scripts-webmasters.ovh clients-devis.scripts-webmasters.ovh	16 KB
59	17

	Domain	Requested by
10	fnd-site.scripts-webmasters.net	clients-devis.scripts-webmasters.ovh css-site.scripts-webmasters.net
6	pictos.scripts-webmasters.net	clients-devis.scripts-webmasters.ovh css-site.scripts-webmasters.net
4	pagead2.googlesyndication.com	clients-devis.scripts-webmasters.ovh pagead2.googlesyndication.com
3	adsco.re	clients-devis.scripts-webmasters.ovh c.adsco.re
3	direction-x.com	clients-devis.scripts-webmasters.ovh
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	regie.oopt.fr	js-carpediem.scripts-webmasters.net regie.oopt.fr
2	6.adsco.re	clients-devis.scripts-webmasters.ovh c.adsco.re
2	c.adsco.re	www.displayvertising.com c.adsco.re
2	connect.facebook.net	clients-devis.scripts-webmasters.ovh connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	sitesmagiques.com	clients-devis.scripts-webmasters.ovh
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	clients-devis.scripts-webmasters.ovh
1	displayvertising.com	www.displayvertising.com
1	whfo0nrrr4au.l.adsco.re	c.adsco.re
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.logicielreferencement.com	clients-devis.scripts-webmasters.ovh
1	js-carpediem.scripts-webmasters.net	clients-devis.scripts-webmasters.ovh
1	js-rgpd.scripts-webmasters.net	clients-devis.scripts-webmasters.ovh
1	www.displayvertising.com	clients-devis.scripts-webmasters.ovh
1	css-site.scripts-webmasters.net	clients-devis.scripts-webmasters.ovh
1	js-site.scripts-webmasters.net	clients-devis.scripts-webmasters.ovh
1	clients-devis.scripts-webmasters.ovh
0	whfo0nrrr4au.s.adsco.re Failed	c.adsco.re
0	whfo0nrrr4au.n.adsco.re Failed	c.adsco.re
59	29

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.scripts-webmasters.net
mon-compte.scripts-webmasters.net
www.facebook.com
twitter.com
www.cours-webmasters.fr
www.vos-scripts.fr
www.wiki-php.com
www.click-affiliate.us
www.monetiz.us
telecom.click-affiliate.us
contact.scripts-webmasters.net
travaux.scripts-webmasters.net
faq.scripts-webmasters.net
legality.scripts-webmasters.net
rgpd.scripts-webmasters.net

Subject Issuer	Validity	Valid
clients-devis.scripts-webmasters.ovh Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
js-site.scripts-webmasters.net Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
css-site.scripts-webmasters.net Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
direction-x.com Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
1503693843.rsc.cdn77.org Let's Encrypt Authority X3	`2020-11-14` - `2021-02-12`	3 months	crt.sh
pictos.scripts-webmasters.net Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
fnd-site.scripts-webmasters.net Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
sitesmagiques.com Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
js-rgpd.scripts-webmasters.net Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
js-carpediem.scripts-webmasters.net Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
logicielreferencement.com Let's Encrypt Authority X3	`2020-10-20` - `2021-01-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
*.l.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-14`	2 years	crt.sh
regie.oopt.fr Let's Encrypt Authority X3	`2020-09-20` - `2020-12-19`	3 months	crt.sh
displayvertising.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://clients-devis.scripts-webmasters.ovh/
Frame ID: 71EC7A24766F11157614CE2AF240F7A2
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 5353A541DFEB9D9476C396D49D45A790
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8372221674110748&output=html&adk=1812271804&adf=3025194257&lmt=1605825118&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fclients-devis.scripts-webmasters.ovh%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605825118370&bpp=137&bdt=68&idt=194&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7816191498737&frm=20&pv=2&ga_vid=656181783.1605825119&ga_sid=1605825119&ga_hid=702646682&ga_fc=0&iag=0&icsg=2138272&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066705&oid=3&pvsid=2544228170956252&pem=502&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=213
Frame ID: 389D0D3E01F5B283534A6E07CBC5561C
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: E36914F1F79CA650ABC93FDCADE13700
Requests: 1 HTTP requests in this frame

Frame: https://sitesmagiques.com/?pgid=10556&mode=6&from_sz=6650&tc2=6650&pg_b_format=3&pg_aggressive=0&prid=29&n=151&iframe=1&t=29&o=b
Frame ID: AF96A5367DD61DCD2DF35537E5C49868
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 70B3B0A81973B4B904C4CDD87D7DFAF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

59
Requests

97 %
HTTPS

50 %
IPv6

17
Domains

29
Subdomains

19
IPs

7
Countries

418 kB
Transfer

959 kB
Size

7
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.scripts-webmasters.net/

Search URL Search Domain Scan URL

URL: https://mon-compte.scripts-webmasters.net/
Title: Mon Compte

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ScriptsWebmasters
Title: Page Fan Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ScriptsWebNet
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.cours-webmasters.fr/
Title: Cours Webmasters

Search URL Search Domain Scan URL

URL: https://www.vos-scripts.fr/
Title: Vos Scripts

Search URL Search Domain Scan URL

URL: https://www.wiki-php.com/
Title: Wiki PHP

Search URL Search Domain Scan URL

URL: http://www.click-affiliate.us/
Title: Click Affiliate LCC

Search URL Search Domain Scan URL

URL: https://www.monetiz.us/
Title: Monetiz

Search URL Search Domain Scan URL

URL: https://telecom.click-affiliate.us/
Title: Click Affiliate LCC

Search URL Search Domain Scan URL

URL: https://contact.scripts-webmasters.net/
Title: Contact

Search URL Search Domain Scan URL

URL: https://travaux.scripts-webmasters.net/
Title: Travaux & Maintenance

Search URL Search Domain Scan URL

URL: https://faq.scripts-webmasters.net/
Title: F.A.Q

Search URL Search Domain Scan URL

URL: https://legality.scripts-webmasters.net/
Title: Mentions Légales

Search URL Search Domain Scan URL

URL: https://rgpd.scripts-webmasters.net/
Title: En savoir plus

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
clients-devis.scripts-webmasters.ovh/ 16 KB
16 KB 200ms
68ms Document
text/html 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS: hosting.scripts-webmasters.net
Software: nginx / PHP/7.4.12 PleskLin
Resource Hash: 3aa3a680080f90a7af4d88676bd060127b6cf2123b4692f034016ac13c2cec39

Request headers

:method: GET
:authority: clients-devis.scripts-webmasters.ovh
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 19 Nov 2020 22:31:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.12 PleskLin

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d372d47d8fe98f5a3e5451e03e9ba352868e71ab212193927665f19b06ba0268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45470
x-xss-protection: 0
server: cafe
etag: 11749245662720978280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 22:31:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144479449-9

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55105324629367a14c0a8b4ef3a16f7541834ecb260a3459f2c3b7609587fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38698
x-xss-protection: 0
last-modified: Thu, 19 Nov 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Nov 2020 22:31:58 GMT

GET
H2 200 js.js Show response
js-site.scripts-webmasters.net/ 557 B
782 B 194ms
60ms Script
application/javascript 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

https://js-site.scripts-webmasters.net/js.js

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

eabf12728a94cccae9feff9148dc2b19f407fc8126d6621ef306e9c2b28733ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "22d-5b4722b300a3b"
last-modified: Thu, 19 Nov 2020 09:15:27 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 557

GET
H2 200 global.css
css-site.scripts-webmasters.net/ 6 KB
6 KB 199ms
60ms Stylesheet
text/css 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

https://css-site.scripts-webmasters.net/global.css

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

ae505774f438f175540024f1c11c212866fb25422c2c1317508253ae65973fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
last-modified: Thu, 19 Nov 2020 09:57:54 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb641a2-170f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 5903

GET
H/1.1 200
OK / Show response
direction-x.com/ 0
0 216ms
85ms Script
text/html 91.226.182.227
TWOTOWN

General

Check archive.org

Show headers Download Go to

Full URL: https://direction-x.com/?t=31&o=ref&pgid=7741&&pg_ref_alias=scriptswebmastersnet
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.226.182.227 Amsterdam, Netherlands, ASN56693 (TWOTOWN, BG),
Reverse DNS: vip2.direction-x.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK / Show response
direction-x.com/ 0
0 254ms
123ms Script
text/html 91.226.182.227
TWOTOWN

General

Check archive.org

Show headers Download Go to

Full URL: https://direction-x.com/?t=31&o=ref&pgid=7356&&pg_ref_alias=scriptswebmastersnet
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.226.182.227 Amsterdam, Netherlands, ASN56693 (TWOTOWN, BG),
Reverse DNS: vip2.direction-x.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK / Show response
direction-x.com/ 0
0 212ms
80ms Script
text/html 91.226.182.227
TWOTOWN

General

Check archive.org

Show headers Download Go to

Full URL: https://direction-x.com/?t=31&o=ref&pgid=7031&&pg_ref_alias=scriptswebmastersnet
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.226.182.227 Amsterdam, Netherlands, ASN56693 (TWOTOWN, BG),
Reverse DNS: vip2.direction-x.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Vibrant.min.js Show response
www.displayvertising.com/ 31 KB
9 KB 122ms
39ms Script
application/x-javascript 84.17.59.5
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://www.displayvertising.com/Vibrant.min.js
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.59.5 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS: milan-2.cdn77.com
Software: CDN77-Turbo /
Resource Hash: a65c22d7374dd69f37bb792cfef459617cf3bead40bc7d7964948035a2294350

Request headers

Origin: https://clients-devis.scripts-webmasters.ovh
Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AVQROwJl2VDvJ74EAA==
date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-edge-pop: milanIT
x-77-nzt-ray: q+NVDjW/Au4=
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-edge-ip: 84.17.59.2
x-age: 310823
alt-svc: quic="84.17.59.2:443"; ma=2592000; v="44,43,39"
expires: Mon, 23 Nov 2020 08:11:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144479449-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2554
date: Thu, 19 Nov 2020 21:49:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 19 Nov 2020 23:49:24 GMT

GET
H2 200 picto.png
pictos.scripts-webmasters.net/16x16/png/ 566 B
781 B 198ms
60ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictos.scripts-webmasters.net/16x16/png/picto.png

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

6687e084bb500c36083494808e3611800b0e6770c55629d6e11bdd0becbb4a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "236-5b4722a5021a7"
last-modified: Thu, 19 Nov 2020 09:15:12 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 566

GET
H2 200 picto-0.png
pictos.scripts-webmasters.net/16x16/png/ 595 B
810 B 197ms
60ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictos.scripts-webmasters.net/16x16/png/picto-0.png

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

e5dd940c6271e8f172fceee4df11527a8b49857cbc20f1b9e666020bd9df1809

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "253-5b4722a4e395e"
last-modified: Thu, 19 Nov 2020 09:15:12 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 595

GET
H2 200 picto-1.png
pictos.scripts-webmasters.net/16x16/png/ 739 B
954 B 197ms
60ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictos.scripts-webmasters.net/16x16/png/picto-1.png

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

df24e57fa03e2365197ce1a044cf854f1ae6dce31dc9426a2070caf063c6c540

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "2e3-5b4722a4e2da6"
last-modified: Thu, 19 Nov 2020 09:15:12 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 739

GET
H2 200 picto-2.png
pictos.scripts-webmasters.net/16x16/png/ 899 B
1 KB 196ms
59ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictos.scripts-webmasters.net/16x16/png/picto-2.png

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

f2306080d8f48f6d43a612de5c2d1b5c8b12ebbd05255b1e76045d920c0ab19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "383-5b4722a4c35be"
last-modified: Thu, 19 Nov 2020 09:15:12 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 899

GET
H2 200 fnd.jpg
fnd-site.scripts-webmasters.net/150x150/jpg/ 28 KB
29 KB 251ms
107ms Image
image/jpeg 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/150x150/jpg/fnd.jpg

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

6f15c1e6cee84b6a96e47db81f78e214810ad321293c80dc2a686908e0f23edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
last-modified: Thu, 19 Nov 2020 09:15:19 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb637a7-71f6"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 29174

GET
H/1.1 200
OK / Show response
sitesmagiques.com/ 1 KB
2 KB 412ms
247ms Script
text/javascript 91.226.182.227
TWOTOWN

General

Check archive.org

Show headers Download Go to

Full URL: https://sitesmagiques.com/?sz=6650
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.226.182.227 Amsterdam, Netherlands, ASN56693 (TWOTOWN, BG),
Reverse DNS: vip2.direction-x.com
Software: nginx /
Resource Hash: 90edc21e71135c0e02f7063c5c9ee00f586acd2376c71e589c677a8047893fd4

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 22:31:58 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-Server: php6-8
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 js.js Show response
js-rgpd.scripts-webmasters.net/ 5 KB
5 KB 190ms
59ms Script
application/javascript 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

https://js-rgpd.scripts-webmasters.net/js.js

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

2b715516bf164113ad9d8eabc9154f23d6307f99fa023b0d50a485b5d72410fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
last-modified: Thu, 19 Nov 2020 09:15:27 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb637af-12bc"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 4796

GET
H2 200 js.js Show response
js-carpediem.scripts-webmasters.net/ 649 B
874 B 191ms
60ms Script
application/javascript 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

https://js-carpediem.scripts-webmasters.net/js.js

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

7777ff70be018c4610f197ed5c1f1b7b9f0a8b179487f763e3f8c1c562143998

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "289-5b4722b15d343"
last-modified: Thu, 19 Nov 2020 09:15:25 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 649

GET
H2 200 /
www.logicielreferencement.com/ 0
0 146ms
58ms Image
text/html 51.91.223.86
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.logicielreferencement.com/?referencement=https-www-scripts-webmasters-net
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.223.86 , France, ASN16276 (OVH, FR),
Reverse DNS: logicielreferencement.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 231 KB
87 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 22:31:58 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 5353 0
0 6ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clients-devis.scripts-webmasters.ovh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clients-devis.scripts-webmasters.ovh/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Nov 2020 01:13:00 GMT
expires: Thu, 03 Dec 2020 01:13:00 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 76738
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79b864d685b5e6229471439f9355ed52b4f3963edd45b4cc386fb7c0d6c15d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0jFcXHY30vyrfTVLeJjYIA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "99dc7dad0d145ea0f5db0e0a363a7e16"
x-fb-debug: 0JInekCkMfUFIeHBXTQ6WL8/YHv85TBbUXfqtYvkV0YcIpUq/VS3Puix3Ie/xGRKQR9S7FDyCtoEnifANTd/rA==
x-fb-trip-id: 664085054
x-fb-content-md5: a91cf30ab8705f5d85aa2c3813d6ab93
x-frame-options: DENY
date: Thu, 19 Nov 2020 22:31:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 22:38:52 GMT

GET
H3-Q050 404 gtm.js
www.googletagmanager.com/ 0
0 44ms
30ms Script
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5GJL3R
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/1x220/png/ 278 B
494 B 194ms
59ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/1x220/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

77b1f33196152d89ec49de88dd4ab55a03ea9dfd9d2bd2bd246e93781bc8e83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "116-5b4722aba7c57"
last-modified: Thu, 19 Nov 2020 09:15:19 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 278

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
401 B 45ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=702646682&t=pageview&_s=1&dl=https%3A%2F%2Fclients-devis.scripts-webmasters.ovh%2F&ul=en-us&de=UTF-8&dt=Bienvenue%20sur%20Scripts%20Webmasters%20-%20Acceuil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=6186956&gjid=1007411499&cid=656181783.1605825119&tid=UA-144479449-9&_gid=1107780459.1605825119&_r=1&gtm=2oub41&z=868664292

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 22:31:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clients-devis.scripts-webmasters.ovh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
648 B 88ms
33ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=clients-devis.scripts-webmasters.ovh&callback=_gfp_s_&client=ca-pub-8372221674110748

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

757d91637d95ba80f0740f58e491cb95e514c23fde2983efe5975b412d84d2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 37ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=clients-devis.scripts-webmasters.ovh

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=clients-devis.scripts-webmasters.ovh

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 389D 0
0 26ms
26ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8372221674110748&output=html&adk=1812271804&adf=3025194257&lmt=1605825118&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fclients-devis.scripts-webmasters.ovh%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605825118370&bpp=137&bdt=68&idt=194&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7816191498737&frm=20&pv=2&ga_vid=656181783.1605825119&ga_sid=1605825119&ga_hid=702646682&ga_fc=0&iag=0&icsg=2138272&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066705&oid=3&pvsid=2544228170956252&pem=502&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=213

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8372221674110748&output=html&adk=1812271804&adf=3025194257&lmt=1605825118&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fclients-devis.scripts-webmasters.ovh%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605825118370&bpp=137&bdt=68&idt=194&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7816191498737&frm=20&pv=2&ga_vid=656181783.1605825119&ga_sid=1605825119&ga_hid=702646682&ga_fc=0&iag=0&icsg=2138272&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066705&oid=3&pvsid=2544228170956252&pem=502&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=213
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clients-devis.scripts-webmasters.ovh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clients-devis.scripts-webmasters.ovh/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Nov 2020 22:31:58 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Nov-2020 22:46:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Nov 2020 22:31:58 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 19 Nov 2020 22:31:58 GMT

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/243x48/png/ 11 KB
11 KB 146ms
100ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/243x48/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

b13d10dd82118a2fbcd7f7dd294a224a01462e7c1b9f4e517fb1b3769dbe0a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
last-modified: Thu, 19 Nov 2020 09:15:20 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb637a8-2c77"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 11383

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/345x31/png/ 881 B
1 KB 105ms
60ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/345x31/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

aafa0b11338b2863d2c4d64d5d7711f29299c88e8093a348581be5560db39089

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "371-5b4722a8de252"
last-modified: Thu, 19 Nov 2020 09:15:16 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 881

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/107x64/png/ 2 KB
2 KB 149ms
103ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/107x64/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

2cffe3ddc3e954b66cd71d64aedfcb5c39decfd73d70246790d4e66da9a7b1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
last-modified: Thu, 19 Nov 2020 09:15:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb637a5-78d"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 1933

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/163x26/png/ 632 B
847 B 191ms
145ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/163x26/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

9237dbc004c4ec5fb12b59040713b582b9f7255b6c3a25fdadba6cc60cd21c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "278-5b4722ac44c12"
last-modified: Thu, 19 Nov 2020 09:15:20 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 632

GET
H2 200 picto.png
pictos.scripts-webmasters.net/9x9/png/ 282 B
497 B 98ms
59ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictos.scripts-webmasters.net/9x9/png/picto.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

cd7c6e45180c23136f701d0b3431fe4bbede163f29608582683f80822978903a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "11a-5b4722a6eb1e8"
last-modified: Thu, 19 Nov 2020 09:15:14 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 282

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/161x24/png/ 1 KB
1 KB 191ms
146ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/161x24/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

c58acac9e15ab1f529d937a3143c68b7ce1eecc70f9edd95dee735c270037982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
last-modified: Thu, 19 Nov 2020 09:15:21 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb637a9-4a1"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 1185

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/584x26/png/ 728 B
943 B 148ms
102ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/584x26/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

b61fdc7e36ad7b221cdd091518df5b24b3c8760654824ec9966c3254c340192b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "2d8-5b4722a789cfb"
last-modified: Thu, 19 Nov 2020 09:15:15 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 728

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/161x48/png/ 907 B
1 KB 147ms
101ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/161x48/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

99f275ee25d46110eb83f1f977b26349e837b5c5e21e464aba5129411b4d39f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "38b-5b4722ad7eb88"
last-modified: Thu, 19 Nov 2020 09:15:21 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 907

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b59a440054ddfe46a0072b9b5ea8f34e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c4b257c595345ab1fc6b856bd5019e29ad2e6240705f33a7c8481bca73d0173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://clients-devis.scripts-webmasters.ovh
Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bUywvnyHyNB3NqHVoiAy6A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60127
etag: "e25401615eb52bf097eaa5ea1571ae12"
x-fb-debug: spsZmy9N9/M9jyUUJVF7T+CuEOZ7fwQyf3ZvkugC27HQD8uZsjoEAw1LsiYUl6v3ApG3mMvlVxox/GgVR01giQ==
x-fb-trip-id: 664085054
x-fb-content-md5: 4a5d7e06bced433c12626c4ccab3290e
x-frame-options: DENY
date: Thu, 19 Nov 2020 22:31:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 19 Nov 2021 21:20:27 GMT

GET
H2 200 / Show response
c.adsco.re/ 35 KB
13 KB 52ms
33ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/Vibrant.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9589120651cc4ea755db4f8c8848f27408b7336b454f3ee6ad22a732725644e9

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1456079
etag: W/"SJc1ouqxjhvv0sBICfL/bg=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: max-age=43200,public,immutable,no-transform
cf-ray: 5f4d62703fc60eb7-FRA
link: <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
cf-request-id: 06843bda2400000eb7df90d000000001
expires: Tue, 03 Nov 2020 14:03:59 GMT

GET
H/1.1 200
OK p
adsco.re/ 0
323 B 86ms
27ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 22:31:58 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H2 200 /
6.adsco.re/ 0
266 B 17ms
13ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: max-age=600,public,immutable
cf-ray: 5f4d627078620eb7-FRA
access-control-allow-headers: Content-Type
cf-request-id: 06843bda4b00000eb7a4914000000001

POST
H/1.1 200
OK p Show response
adsco.re/ 0
438 B 80ms
27ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 19 Nov 2020 22:31:58 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: https://clients-devis.scripts-webmasters.ovh
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H2 200 / Show response
6.adsco.re/ 53 B
430 B 36ms
20ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://clients-devis.scripts-webmasters.ovh
access-control-max-age: 2592000
cache-control: max-age=600,public,immutable
cf-ray: 5f4d62709a06d6d9-FRA
access-control-allow-headers: Content-Type
cf-request-id: 06843bda5f0000d6d95f945000000001

GET
H/1.1 200
OK / Show response
whfo0nrrr4au.l.adsco.re/ 0
464 B 100ms
21ms XHR
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://whfo0nrrr4au.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 22:31:58 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET /
whfo0nrrr4au.n.adsco.re/ 0
0

GET /
whfo0nrrr4au.s.adsco.re/ 0
0

GET
H2 200 /
c.adsco.re/ Frame E369 0
0 16ms
12ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: c.adsco.re
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clients-devis.scripts-webmasters.ovh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clients-devis.scripts-webmasters.ovh/

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
content-type: text/html
cache-control: max-age=43200,public,immutable,no-transform
link: <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
expires: Tue, 03 Nov 2020 14:03:59 GMT
etag: W/"SJc1ouqxjhvv0sBICfL/bg=="
content-encoding: gzip
cf-cache-status: HIT
age: 1456079
cf-request-id: 06843bda5900000eb7dd8cf000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5f4d6270889b0eb7-FRA

GET
H/1.1 200
OK /
sitesmagiques.com/ Frame AF96 0
0 95ms
95ms Document
text/html 91.226.182.227
TWOTOWN

General

Check archive.org

Show headers Download Go to

Full URL: https://sitesmagiques.com/?pgid=10556&mode=6&from_sz=6650&tc2=6650&pg_b_format=3&pg_aggressive=0&prid=29&n=151&iframe=1&t=29&o=b
Requested by: Host: clients-devis.scripts-webmasters.ovh
URL: https://clients-devis.scripts-webmasters.ovh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.226.182.227 Amsterdam, Netherlands, ASN56693 (TWOTOWN, BG),
Reverse DNS: vip2.direction-x.com
Software: nginx /
Resource Hash

Request headers

Host: sitesmagiques.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://clients-devis.scripts-webmasters.ovh/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clients-devis.scripts-webmasters.ovh/

Response headers

Server: nginx
Date: Thu, 19 Nov 2020 22:31:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Server: php6-14
Content-Encoding: gzip

GET
H/1.1 200
OK request.js Show response
regie.oopt.fr/js/ 16 KB
16 KB 189ms
66ms Script
application/javascript 91.226.182.121
TWOTOWN

General

Check archive.org

Show headers Download Go to

Full URL: https://regie.oopt.fr/js/request.js
Requested by: Host: js-carpediem.scripts-webmasters.net
URL: https://js-carpediem.scripts-webmasters.net/js.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.226.182.121 Amsterdam, Netherlands, ASN56693 (TWOTOWN, BG),
Reverse DNS: oopt.fr
Software: nginx /
Resource Hash: 064f4bca311d8d941d0dbb2eee1d03301386f95f8a2f7c335a14e7b446230774

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 19 Nov 2020 22:31:59 GMT
Last-Modified: Wed, 26 Feb 2020 11:55:22 GMT
Server: nginx
ETag: "5e565caa-3fb7"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000, public
Content-Length: 16311
Connection: keep-alive
Accept-Ranges: bytes
X-D-Gn: static
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fnd.png
fnd-site.scripts-webmasters.net/3x106/png/ 162 B
376 B 59ms
59ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fnd-site.scripts-webmasters.net/3x106/png/fnd.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

5e04e8d1b386adf5be7d54f2f7f58a2dca3e8a2b31574d88fd9457616e520dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "a2-5b4722a82592e"
last-modified: Thu, 19 Nov 2020 09:15:16 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 162

GET
H2 200 picto.png
pictos.scripts-webmasters.net/2x2/png/ 149 B
363 B 60ms
59ms Image
image/png 82.223.216.143
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pictos.scripts-webmasters.net/2x2/png/picto.png

Requested by

Host: css-site.scripts-webmasters.net
URL: https://css-site.scripts-webmasters.net/global.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

82.223.216.143 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

hosting.scripts-webmasters.net

Software

nginx / PleskLin

Resource Hash

30518d9988304a03f8fca4518183a42cfcf6527900e536e73e583a43ac390d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://css-site.scripts-webmasters.net/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:58 GMT
etag: "95-5b4722a63ad95"
last-modified: Thu, 19 Nov 2020 09:15:14 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 149

POST
H/1.1 200
OK p Show response
adsco.re/ 362 B
867 B 42ms
42ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: a0fcd2183d3b5e7e25ef53cb3e6521f1bb56e5b9789a0b13f93fe9216c07faba

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 19 Nov 2020 22:31:59 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: https://clients-devis.scripts-webmasters.ovh
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 HpavTf.aspx Show response
displayvertising.com/ 0
123 B 275ms
231ms Script
application/javascript 216.59.56.9
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://displayvertising.com/HpavTf.aspx?_=BAoAX7byXwFftvJfgAGBAsAAIN_F3gi6Yi5V4tn9tKCWKR3HMUrj2TBian3jkJjS0iN2wQBGMEQCIBAcBNDBjO1DtvczKKHgDwosX-q6ZdALcYt3BZBpVtjLAiAt9xkaUFfPKSm1_WQHHJAvHjOzvLqMMo7ILsO_xt3qPsIAIIVFCsW4k40o0kshub6PoJxFEvJOKoVMe60lHaaqvW7wxAAQKgEE-AEhExoAAAAAAAAAAsUAEPqxNN61aRCOqfpxbgDeNObDAEcwRQIhAJDuT2rKW76pOkvD_4NZEqPSNrXv_DAx2D-gUWQiJy0WAiBww1U13Gr5L8aaKEmBhhIg00bPtnUNRrXauV8RlUzIwg&v=4&DCmPEite=4221293&minBid=&mZSYgThd=0,0&RhoyqgvB=&jAdDBPre=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/Vibrant.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.9 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:59 GMT
asf: 9
access-control-allow-origin: *
content-type: application/javascript
popads-ec: ASB
cache-control: public, max-age=604800
content-length: 0
expires: Thu, 26 Nov 2020 22:31:59 GMT

GET
H/1.1 200
OK complement.css
regie.oopt.fr/css/ 27 B
391 B 40ms
39ms Stylesheet
text/css 91.226.182.121
TWOTOWN

General

Check archive.org

Show headers Download Go to

Full URL: https://regie.oopt.fr/css/complement.css
Requested by: Host: regie.oopt.fr
URL: https://regie.oopt.fr/js/request.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.226.182.121 Amsterdam, Netherlands, ASN56693 (TWOTOWN, BG),
Reverse DNS: oopt.fr
Software: nginx /
Resource Hash: ce647bbeaf88ceba7de43ebbf8dbc0678f68c2841f232e192f98525a0e25cad6

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 19 Nov 2020 22:31:59 GMT
Last-Modified: Wed, 26 Feb 2020 11:55:20 GMT
Server: nginx
ETag: "5e565ca8-1b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
31ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97f2151a2e81c3e7084f5e2314be3adf38d3d69624653a71370e7507ca52ed5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 22:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6454
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 62ms
43ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 22:31:59 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 70B3 0
0 34ms
19ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://clients-devis.scripts-webmasters.ovh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clients-devis.scripts-webmasters.ovh/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 19 Nov 2020 21:13:25 GMT
expires: Fri, 19 Nov 2021 21:13:25 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4714
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
75 B 40ms
40ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=2544228170956252&bg=!urmluZnNAAVGySeIRlhbqoPJdn4IiAIAAAA7UgAAAA5oAQcKAKM3Mt_muXap4Qea6a2eWAt5yI4owqxnGOYxpho_sTKxdHZHwARO3KNM5C6t0uLB4nvPFB4iS4vgSLl3NZ9zoBPfjT9zbHkW6NvCAljAumq_oNlH9X4klTzfDNmxlJtxNT2MI7pJaVcCP7FFgAvr4F3wEGuqg2HNBydmtuv9uFwQbzfnmzE6EBYugPQKb1Quvss1ZaDA39doxhx5rmt3DP4LBvbDmQHNcW1XxTrws14JGoiREFAxR5-0WrXunMULvAGzMeAjf_aQoA32QJCCoGu9GaSKypB1oyBYnaKzUU2Wp7T03hT0Kh_eStr4wSwM7WqkfnzIJQJYoRJ9oi79vUuqG_a7AxJQWJXD4sR1O0hIZZC1qpKzhbwKPhsyBV28ILdr_vkCOLYIXFH_WYW6bW4ptK1ZtqVBylVOVjD-HIXWobIBMUxGZv4U898vn_6jbWzyXZppBY9b_QcF2RDRIcHetx_tpfm6VVDiAtOXwR2inBdmUXFpLeRR2GjbufboO74gK5URXN3i-ogdTX1vBwwiT2yvon3fB7bSvvFxfWPpSaLTOXnZplrhAa9xV_T9SB1eVSb6JcqDHWUjt8UcznvK9uLz_tHj6vZxD0MpBsv8i-MwuW-5I6N16Sekgb3q4UmkCr3R2rs7FgSZS3FnxtgZg-EBPdLhmSiWVD_J_1rOlrA6u2H1e0Va3IE2kmcC-iQG2kwSIy-F3ERpVRX1tX-sADYHsI3gNRpGYh31DGfRkU2RuRdE938DPh0MRkPXa09jUqTUQ1TfWgtbdNlN6LsaX2rca6UZffrnRbNPaLsNmGIyocwSVwm_nqXT4q1EMCNMycE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clients-devis.scripts-webmasters.ovh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 22:32:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: whfo0nrrr4au.n.adsco.re
URL: https://whfo0nrrr4au.n.adsco.re/

Domain: whfo0nrrr4au.s.adsco.re
URL: https://whfo0nrrr4au.s.adsco.re/

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scripts-webmasters.ovh/	1970-01-19 23:25:21	Name: __gads Value: ID=e0b54d4d1264694c-2216238b74a60081:T=1605825118:RT=1605825118:S=ALNI_MYbQprJcmA5EAICjKieiG4VzddpGg
.scripts-webmasters.ovh/	1970-01-19 14:03:45	Name: _gat_gtag_UA_144479449_9 Value: 1
.scripts-webmasters.ovh/	1970-01-19 14:05:11	Name: _gid Value: GA1.2.1107780459.1605825119
.doubleclick.net/	1970-01-19 14:03:46	Name: test_cookie Value: CheckForPermission
clients-devis.scripts-webmasters.ovh/	1970-01-19 14:04:10	Name: a Value: ayDqsk28adhDOFJggRlNV5yAfOetWn6n
clients-devis.scripts-webmasters.ovh/	1970-01-19 14:04:06	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAX7byXwFftvJfgAGBAsAAIN_F3gi6Yi5V4tn9tKCWKR3HMUrj2TBian3jkJjS0iN2wQBGMEQCIBAcBNDBjO1DtvczKKHgDwosX-q6ZdALcYt3BZBpVtjLAiAt9xkaUFfPKSm1_WQHHJAvHjOzvLqMMo7ILsO_xt3qPsIAIIVFCsW4k40o0kshub6PoJxFEvJOKoVMe60lHaaqvW7wxAAQKgEE-AEhExoAAAAAAAAAAsUAEPqxNN61aRCOqfpxbgDeNObDAEcwRQIhAJDuT2rKW76pOkvD_4NZEqPSNrXv_DAx2D-gUWQiJy0WAiBww1U13Gr5L8aaKEmBhhIg00bPtnUNRrXauV8RlUzIwg
.scripts-webmasters.ovh/	1970-01-20 07:34:57	Name: _ga Value: GA1.2.656181783.1605825119

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c.adsco.re/(Line 16) Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
adsco.re
adservice.google.com
adservice.google.de
c.adsco.re
clients-devis.scripts-webmasters.ovh
connect.facebook.net
css-site.scripts-webmasters.net
direction-x.com
displayvertising.com
fnd-site.scripts-webmasters.net
googleads.g.doubleclick.net
js-carpediem.scripts-webmasters.net
js-rgpd.scripts-webmasters.net
js-site.scripts-webmasters.net
pagead2.googlesyndication.com
partner.googleadservices.com
pictos.scripts-webmasters.net
regie.oopt.fr
sitesmagiques.com
tpc.googlesyndication.com
whfo0nrrr4au.l.adsco.re
whfo0nrrr4au.n.adsco.re
whfo0nrrr4au.s.adsco.re
www.displayvertising.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.logicielreferencement.com
whfo0nrrr4au.n.adsco.re
whfo0nrrr4au.s.adsco.re
162.252.214.5
172.217.18.162
185.200.118.90
216.59.56.9
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2001
2a00:1450:4001:824::200e
2a03:2880:f02d:12:face:b00c:0:3
51.91.223.86
82.223.216.143
84.17.59.5
91.226.182.121
91.226.182.227
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
064f4bca311d8d941d0dbb2eee1d03301386f95f8a2f7c335a14e7b446230774
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3
2b715516bf164113ad9d8eabc9154f23d6307f99fa023b0d50a485b5d72410fe
2cffe3ddc3e954b66cd71d64aedfcb5c39decfd73d70246790d4e66da9a7b1d8
30518d9988304a03f8fca4518183a42cfcf6527900e536e73e583a43ac390d58
3aa3a680080f90a7af4d88676bd060127b6cf2123b4692f034016ac13c2cec39
3c4b257c595345ab1fc6b856bd5019e29ad2e6240705f33a7c8481bca73d0173
55105324629367a14c0a8b4ef3a16f7541834ecb260a3459f2c3b7609587fa30
5e04e8d1b386adf5be7d54f2f7f58a2dca3e8a2b31574d88fd9457616e520dcd
6687e084bb500c36083494808e3611800b0e6770c55629d6e11bdd0becbb4a36
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f15c1e6cee84b6a96e47db81f78e214810ad321293c80dc2a686908e0f23edf
757d91637d95ba80f0740f58e491cb95e514c23fde2983efe5975b412d84d2e8
7777ff70be018c4610f197ed5c1f1b7b9f0a8b179487f763e3f8c1c562143998
77b1f33196152d89ec49de88dd4ab55a03ea9dfd9d2bd2bd246e93781bc8e83f
79b864d685b5e6229471439f9355ed52b4f3963edd45b4cc386fb7c0d6c15d42
90edc21e71135c0e02f7063c5c9ee00f586acd2376c71e589c677a8047893fd4
9237dbc004c4ec5fb12b59040713b582b9f7255b6c3a25fdadba6cc60cd21c20
9589120651cc4ea755db4f8c8848f27408b7336b454f3ee6ad22a732725644e9
97f2151a2e81c3e7084f5e2314be3adf38d3d69624653a71370e7507ca52ed5b
99f275ee25d46110eb83f1f977b26349e837b5c5e21e464aba5129411b4d39f2
a0fcd2183d3b5e7e25ef53cb3e6521f1bb56e5b9789a0b13f93fe9216c07faba
a65c22d7374dd69f37bb792cfef459617cf3bead40bc7d7964948035a2294350
aafa0b11338b2863d2c4d64d5d7711f29299c88e8093a348581be5560db39089
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
ae505774f438f175540024f1c11c212866fb25422c2c1317508253ae65973fa1
b13d10dd82118a2fbcd7f7dd294a224a01462e7c1b9f4e517fb1b3769dbe0a87
b61fdc7e36ad7b221cdd091518df5b24b3c8760654824ec9966c3254c340192b
c58acac9e15ab1f529d937a3143c68b7ce1eecc70f9edd95dee735c270037982
cd7c6e45180c23136f701d0b3431fe4bbede163f29608582683f80822978903a
ce647bbeaf88ceba7de43ebbf8dbc0678f68c2841f232e192f98525a0e25cad6
d372d47d8fe98f5a3e5451e03e9ba352868e71ab212193927665f19b06ba0268
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
df24e57fa03e2365197ce1a044cf854f1ae6dce31dc9426a2070caf063c6c540
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5dd940c6271e8f172fceee4df11527a8b49857cbc20f1b9e666020bd9df1809
eabf12728a94cccae9feff9148dc2b19f407fc8126d6621ef306e9c2b28733ac
f2306080d8f48f6d43a612de5c2d1b5c8b12ebbd05255b1e76045d920c0ab19a

clients-devis.scripts-webmasters.ovh Open in urlscan Pro 82.223.216.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

97 %HTTPS

50 %IPv6

17 Domains

29 Subdomains

19 IPs

7 Countries

418 kBTransfer

959 kBSize

7 Cookies

16 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clients-devis.scripts-webmasters.ovh Open in urlscan Pro
82.223.216.143 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

97 %
HTTPS

50 %
IPv6

17
Domains

29
Subdomains

19
IPs

7
Countries

418 kB
Transfer

959 kB
Size

7
Cookies

59 HTTP transactions
0 data transactions