www.expressio.fr Open in urlscan Pro
54.36.69.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.expressio.fr/expressions/cles-en-main
Submission Tags: falconsandbox
Submission: On September 07 via api (September 7th 2022, 8:54:22 pm UTC) from US — Scanned from FR

Summary HTTP 91 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 21 domains to perform 91 HTTP transactions. The main IP is 54.36.69.212, located in France and belongs to OVH, FR. The main domain is www.expressio.fr.
TLS certificate: Issued by R3 on July 12th 2022. Valid for: 3 months.

This is the only time www.expressio.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.36.69.212 54.36.69.212	16276 (OVH) (OVH)
6	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	23.48.23.37 23.48.23.37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
7	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.15.103 18.66.15.103	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	54.220.177.224 54.220.177.224	16509 (AMAZON-02) (AMAZON-02)
1	18.168.116.16 18.168.116.16	16509 (AMAZON-02) (AMAZON-02)
6	23.35.229.151 23.35.229.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.182.124 35.244.182.124	15169 (GOOGLE) (GOOGLE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	184.51.8.30 184.51.8.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
91	32

1 54.36.69.212 (France)

ASN16276 (OVH, FR)
PTR: smtp.expressio.fr

www.expressio.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.reverso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

fo-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fo-ssp.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.37 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-37.deploy.static.akamaitechnologies.com

fo-static.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

tracking.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.84 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-103.vie50.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.177.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-177-224.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.116.16 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-116-16.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.229.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-151.deploy.static.akamaitechnologies.com

essencedigitalemea2015301593033067.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.182.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.182.244.35.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	135 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	479 KB
11	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	175 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 592 geo.moatads.com — Cisco Umbrella Rank: 903 mb.moatads.com — Cisco Umbrella Rank: 914 px.moatads.com — Cisco Umbrella Rank: 619	112 KB
7	omnitagjs.com fo-api.omnitagjs.com — Cisco Umbrella Rank: 25085 fo-static.omnitagjs.com — Cisco Umbrella Rank: 22423 fo-ssp.omnitagjs.com — Cisco Umbrella Rank: 34487 tracking.omnitagjs.com — Cisco Umbrella Rank: 29748	124 KB
6	moatpixel.com essencedigitalemea2015301593033067.s.moatpixel.com — Cisco Umbrella Rank: 57610	2 KB
6	reverso.net cdn.reverso.net — Cisco Umbrella Rank: 66932	153 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	4 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	2 KB
2	gstatic.com fonts.gstatic.com	52 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	72 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 3980	274 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 819	291 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1545	99 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 7623	281 B
1	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 3702	443 B
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 24119	792 B
1	expressio.fr www.expressio.fr	13 KB
91	21

	Domain	Requested by
12	s0.2mdn.net	www.expressio.fr s0.2mdn.net af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com s0.2mdn.net
6	essencedigitalemea2015301593033067.s.moatpixel.com	af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
6	px.moatads.com	af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
6	cdn.reverso.net	www.expressio.fr
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	tracking.omnitagjs.com	www.expressio.fr
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.expressio.fr
2	googleads.g.doubleclick.net	af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com www.expressio.fr
2	www.google.com	tpc.googlesyndication.com af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
2	fo-ssp.omnitagjs.com	fo-static.omnitagjs.com
2	af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.expressio.fr s0.2mdn.net
2	www.googletagservices.com	www.expressio.fr af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
2	www.google-analytics.com	www.expressio.fr www.google-analytics.com
1	matching.ivitrack.com
1	contextual.media.net
1	sync.taboola.com
1	s.seedtag.com
1	mb.moatads.com	z.moatads.com
1	geo.moatads.com	z.moatads.com
1	tag.researchnow.com	s0.2mdn.net
1	z.moatads.com	s0.2mdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	fo-static.omnitagjs.com	fo-api.omnitagjs.com
1	fo-api.omnitagjs.com	www.expressio.fr
1	www.expressio.fr
91	33

This site contains links to these domains. Also see Links.

Domain
www.reverso.net
context.reverso.net
conjugueur.reverso.net
grammaire.reverso.net
synonyms.reverso.net
dictionnaire.reverso.net
documents.reverso.net
traduction-pro.reverso.net
www.corporate-translation.reverso.com
www.facebook.com
twitter.com
www.instagram.com
les-1001-expressions-preferees-des-francais.fr
images.forum-auto.com

Subject Issuer	Validity	Valid
www.expressio.fr R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
sni5e3bgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-09` - `2022-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
dyn.omnitagjs.com R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.researchnow.com Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
itm.ivitrack.com R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.expressio.fr/expressions/cles-en-main
Frame ID: DC06A1DB538A6891B12BE630ECE15983
Requests: 32 HTTP requests in this frame

Frame: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 50C6C03D8DA152B8075BACDA6B9DA836
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A5472690C786A92DC4E5614DE9DCF2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FB930B675D0823250EA6084DE00B0CD
Requests: 2 HTTP requests in this frame

Frame: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 354313FE0B8FB76DCFF5B09395D759B3
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBENO2Txic8pvPATAB&v=APEucNV2smhXlflzkoUFXW_kdaow_Ix22969YNvhKl4JlDPHpvGChkj3DE7MPEXqosK6_5PNlbzeqxlDZJHxxkbrea0ORi_inN23B-LUziJYrJYHMaR9or7zayZf_7FGg6PMaLohMYGK_W4KuwcnOe5N46aiWixzjRhuSH2dr-Yf5WdpdegnMfs1OJ9I9xbvb_kUDP405PKiuByDeEwc9xqooOEG9tnNKw
Frame ID: 896683D3B69429FF95EDE448BF16773B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B395FC684158036404C46B2409A662AF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
Frame ID: B6DB8135D3AFA226B2CA20F595790208
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: C1D8BD45A0AE099B48E3D1F5A286233D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

clés en main - dictionnaire des expressions françaises - définition, origine, étymologie - Expressio par Reverso

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Page Statistics

91
Requests

96 %
HTTPS

45 %
IPv6

21
Domains

33
Subdomains

32
IPs

8
Countries

1345 kB
Transfer

3262 kB
Size

12
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://www.reverso.net/traduction-texte
Title: Traduction

Search URL Search Domain Scan URL

URL: https://context.reverso.net/
Title: Context

Search URL Search Domain Scan URL

URL: https://www.reverso.net/orthographe/correcteur-francais/
Title: Correcteur

Search URL Search Domain Scan URL

URL: https://conjugueur.reverso.net/conjugaison-francais.html
Title: Conjugaison

Search URL Search Domain Scan URL

URL: https://grammaire.reverso.net/
Title: Grammaire

Search URL Search Domain Scan URL

URL: https://synonyms.reverso.net/synonyme/
Title: Synonymes

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/
Title: Dictionnaire

Search URL Search Domain Scan URL

URL: https://documents.reverso.net/Default.aspx?lang=fr&utm_source=expressio&utm_medium=textlink&utm_campaign=menu
Title: Traduction de documents et de sites web

Search URL Search Domain Scan URL

URL: https://traduction-pro.reverso.net/
Title: Traduction professionnelle

Search URL Search Domain Scan URL

URL: https://www.corporate-translation.reverso.com/?lang=fr
Title: Solutions entreprise

Search URL Search Domain Scan URL

URL: https://www.reverso.net/tricks.aspx?type=3&lang=FR
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Reverso.net?ref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/Reverso_

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reverso_app/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.expressio.fr%2Fexpressions%2Fcles-en-main

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=cl%C3%A9s+en+main%0Ahttps%3A%2F%2Fwww.expressio.fr%2Fexpressions%2Fcles-en-main

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-definition/cl%C3%A9s
Title: clés

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-definition/main
Title: main

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-anglais/cl%C3%A9s+en+main

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/allemand-francais/schl%C3%BCsselfertig

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/allemand-francais/schl%C3%BCsselfertigen

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/anglais-francais/ready+for+use

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/anglais-francais/ready-to-work

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/anglais-francais/turnkey

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/espagnol-francais/llave+en+mano

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/italien-francais/chiavi+in+mano

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/neerlandais-francais/turn-key

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/neerlandais-francais/kant+en+klaar

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/neerlandais-francais/gebruiksklaar

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/neerlandais-francais/sleutel+op+de+deur

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/neerlandais-francais/instapklare+woning

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/polonais-francais/pod+klucz

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/portugais-francais/chave+na+m%C3%A3o

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/portugais-francais/turn-key

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/roumain-francais/cheie

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/roumain-francais/la+cheie

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/russe-francais/%D0%BA%D0%BB%D1%8E%D1%87%D0%B8

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-espagnol/cl%C3%A9s+en+main
Title: espagnol

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-portugais/cl%C3%A9s+en+main
Title: portugais

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-italien/cl%C3%A9s+en+main
Title: italien

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-allemand/cl%C3%A9s+en+main
Title: allemand

Search URL Search Domain Scan URL

URL: https://les-1001-expressions-preferees-des-francais.fr/
Title: Expressio le livre Le contenu de ce site est si riche qu'un livre en a été tiré. Ce livre, devenu un best-seller est maintenant disponible en poche.

Search URL Search Domain Scan URL

URL: http://images.forum-auto.com/mesimages/4475/Cle%20de%2012%20A.jpg
Title: clé de 12

Search URL Search Domain Scan URL

URL: https://www.reverso.net/feedback.aspx?lang=FR
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.reverso.net/tellafriend.aspx?lang=FR
Title: En parler à un ami

Search URL Search Domain Scan URL

URL: https://www.reverso.net/disclaimer.aspx?lang=FR
Title: Conditions générales d'utilisation

Search URL Search Domain Scan URL

URL: https://www.reverso.net/privacy.aspx?lang=FR
Title: Politique de confidentialité

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-definition/
Title: Dictionnaire français

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-anglais/
Title: Dictionnaire anglais

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-espagnol/
Title: Dictionnaire espagnol

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-allemand/
Title: Dictionnaire allemand

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-italien/
Title: Dictionnaire italien

Search URL Search Domain Scan URL

URL: https://dictionnaire.reverso.net/francais-portugais/
Title: Dictionnaire portugais

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-arabe/
Title: Traduction en Arabe

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-allemand/
Title: Traduction en Allemand

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-anglais/
Title: Traduction en Anglais

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-espagnol/
Title: Traduction en Espagnol

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-hebreu/
Title: Traduction en Hébreu

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-italien/
Title: Traduction en Italien

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-japonais/
Title: Traduction en Japonais

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-neerlandais/
Title: Traduction en Néerlandais

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-polonais/
Title: Traduction en Polonais

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-portugais/
Title: Traduction en Portugais

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-roumain/
Title: Traduction en Roumain

Search URL Search Domain Scan URL

URL: https://context.reverso.net/traduction/francais-russe/
Title: Traduction en Russe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELC4WppMnTpWX_s554httfM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELC4WppMnTpWX_s554httfM&google_cver=1&C=1

Request Chain 40

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxkE.rRa5Y1pWRriyNv3FwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDooCbRkM48iVUGkI-Jy9mQ&google_cver=1&google_hm=2

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzz5Fh9JqG3lx_kLbtfRJQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKzz5Fh9JqG3lx_kLbtfRJQ%26google_cver%3D1

Request Chain 42

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NDQxMjkwNDEyOTg3NDA5

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cles-en-main Show response
www.expressio.fr/expressions/ 67 KB
13 KB 204ms
110ms Document
text/html 54.36.69.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expressio.fr/expressions/cles-en-main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.69.212 , France, ASN16276 (OVH, FR),
Reverse DNS: smtp.expressio.fr
Software: nginx / PHP/7.2.11
Resource Hash: 83c28e7be7ccd2213ab3450da365d022ca6cf1dcf2b0bce1d473a7688a7bb6a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 20:54:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.2.11

GET
H2 200 pub.js Show response
cdn.reverso.net/expressio/v3100/js/ 20 B
193 B 169ms
22ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.reverso.net/expressio/v3100/js/pub.js?a=&ad_code=
Requested by: Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F8A) /
Resource Hash: ef549d4f64eff079682d21179b21640f4f902f34489c385e544f7f64b8a87c6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Sep 2022 20:54:16 GMT
content-md5: S2Osd83+9xd8ZJG+SJtlrw==
age: 4280433
x-ms-meta-cbmodifiedtime: Mon, 26 Oct 2020 13:43:48 GMT
x-cache: HIT
content-length: 20
x-ms-lease-status: unlocked
last-modified: Wed, 28 Oct 2020 10:25:00 GMT
server: ECAcc (paa/6F8A)
etag: 0x8D87B2BB9CCA0D4
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c3526ba2-d01e-0040-7e0d-9ca811000000
cache-control: public, max-age=31556926
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 main.css
cdn.reverso.net/expressio/v3100/css/ 105 KB
17 KB 168ms
21ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.reverso.net/expressio/v3100/css/main.css
Requested by: Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F21) /
Resource Hash: b4369c19844a62c90e4fa8b557f2a51e2b19b80c49890b7b3839c9b49679ff6c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Sep 2022 20:54:16 GMT
content-encoding: gzip
content-md5: t3k7MfpPJMMDciRgfHozcQ==
age: 20756767
x-ms-meta-cbmodifiedtime: Mon, 26 Oct 2020 13:43:48 GMT
x-cache: HIT
content-length: 16595
x-ms-lease-status: unlocked
last-modified: Wed, 28 Oct 2020 10:25:10 GMT
server: ECAcc (paa/6F21)
etag: 0x8D87B2BBF978138
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d424d3ae-201e-0054-7d33-06e07e000000
cache-control: public, max-age=31556926
x-ms-version: 2009-09-19

GET
H2 200 expressio.webp
cdn.reverso.net/expressio/v3100/img/ 14 KB
15 KB 19ms
18ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.reverso.net/expressio/v3100/img/expressio.webp
Requested by: Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F60) /
Resource Hash: de7a94153040ce543be46f9eff988b75af4254f9dfaa4ef09b6f9c016362f67a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Sep 2022 20:54:16 GMT
content-md5: 6le6X194eg2oKwAoUnh+mg==
age: 19429266
x-ms-meta-cbmodifiedtime: Mon, 26 Oct 2020 13:43:48 GMT
x-cache: HIT
content-length: 14700
x-ms-lease-status: unlocked
last-modified: Wed, 28 Oct 2020 10:25:08 GMT
server: ECAcc (paa/6F60)
etag: 0x8D87B2BBEE3EDAC
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: b776bc75-201e-0019-2446-122f92000000
cache-control: public, max-age=31556926
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 book_ad.webp
cdn.reverso.net/expressio/v3100/img/ 4 KB
4 KB 34ms
34ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.reverso.net/expressio/v3100/img/book_ad.webp
Requested by: Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F1D) /
Resource Hash: 6c9300d39f1ea7564dc6edcc06186dcca348d2c9284e3d3e55523b4f5ceecf75

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Sep 2022 20:54:16 GMT
content-md5: 3qbq+xjHS4oSsz6/HDZqfg==
age: 12254423
x-ms-meta-cbmodifiedtime: Mon, 26 Oct 2020 13:43:48 GMT
x-cache: HIT
content-length: 4272
x-ms-lease-status: unlocked
last-modified: Wed, 28 Oct 2020 10:25:08 GMT
server: ECAcc (paa/6F1D)
etag: 0x8D87B2BBED62F74
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: c5ed2007-101e-0060-5b87-53d3b6000000
cache-control: public, max-age=31556926
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 app.js Show response
cdn.reverso.net/expressio/v3100/js/ 364 KB
102 KB 20ms
20ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.reverso.net/expressio/v3100/js/app.js
Requested by: Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F8F) /
Resource Hash: 10c316905afe0bef37b5611cec97d4682a4e4e3536aa5d0d514e089bb3c9b711

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Sep 2022 20:54:16 GMT
content-encoding: gzip
content-md5: b9p+RO9fV2WU8E/UFRO7LA==
age: 4195986
x-ms-meta-cbmodifiedtime: Mon, 26 Oct 2020 13:43:52 GMT
x-cache: HIT
content-length: 103789
x-ms-lease-status: unlocked
last-modified: Wed, 28 Oct 2020 10:25:00 GMT
server: ECAcc (paa/6F8F)
etag: 0x8D87B2BB9EE38E5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c336592d-b01e-000b-57d2-9c5442000000
cache-control: public, max-age=31556926
x-ms-version: 2009-09-19

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6736
date: Wed, 07 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 21:02:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 91ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa2365ffa92d4761037b4583636d1e9485ff9a4ffaa284a6323a4307307af4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28533
x-xss-protection: 0
server: sffe
etag: "1327 / 834 of 1000 / last-modified: 1662548676"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 07 Sep 2022 20:54:17 GMT

GET
H2 200 expressio.ttf
cdn.reverso.net/expressio/v3100/fonts/ 16 KB
16 KB 75ms
18ms Font
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.reverso.net/expressio/v3100/fonts/expressio.ttf?1ar4dr
Requested by: Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F29) /
Resource Hash: 70d7bbb89036c3533dfb2f7ba308868155d263c24b6130f00c69bd4142757794

Request headers

Referer: https://www.expressio.fr/
Origin: https://www.expressio.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Sep 2022 20:54:17 GMT
content-md5: dtoMVwVf0ePj6TGFcVyaRQ==
age: 23661441
x-ms-meta-cbmodifiedtime: Mon, 26 Oct 2020 13:43:48 GMT
x-cache: HIT
content-length: 16076
x-ms-lease-status: unlocked
last-modified: Wed, 28 Oct 2020 10:25:09 GMT
server: ECAcc (paa/6F29)
etag: 0x8D87B2BBF710627
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: b45c2196-e01e-0029-0ac8-eb915d000000
cache-control: public, max-age=31556926
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 93ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Source+Code+Pro:400,500,700&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77ddfb6c805a0e65877410155946465bfc67ab625e4e6eba9cc5c62e3c659d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 20:54:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 20:54:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 20:54:17 GMT

GET
H2 200 ot.js Show response
fo-api.omnitagjs.com/fo-api/ 4 KB
2 KB 119ms
22ms Script
text/javascript 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-api.omnitagjs.com/fo-api/ot.js?Placement=5d47f6a21daebe6e760c57ae32f328ef

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

b91d1199107c3d6a9a0495b2f8174c7d117ca42ecbdd25540b7e4c814ccf0a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
vary: Accept-Encoding
content-length: 1770
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding
expires: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 83ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Source+Code+Pro:400,500,700&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.expressio.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 581397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 03:24:20 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 98ms
51ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Source+Code+Pro:400,500,700&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.expressio.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:52:59 GMT
x-content-type-options: nosniff
age: 21678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:52:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 32ms
31ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=240868672&t=pageview&_s=1&dl=https%3A%2F%2Fwww.expressio.fr%2Fexpressions%2Fcles-en-main&ul=en-us&de=UTF-8&dt=cl%C3%A9s%20en%20main%20-%20dictionnaire%20des%20expressions%20fran%C3%A7aises%20-%20d%C3%A9finition%2C%20origine%2C%20%C3%A9tymologie%20-%20Expressio%20par%20Reverso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1860033058&gjid=1499700083&cid=1367390835.1662584057&tid=UA-2834324-43&_gid=2146581236.1662584057&_r=1&_slc=1&cd1=no&cd2=no&z=1464413984

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.expressio.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.expressio.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 95ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 17:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131916
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Sep 2023 17:04:48 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 94 B
721 B 128ms
60ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.expressio.fr

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

432300c708d5de8f46ddbe2b0192c01626ad91dde1378cf82d85a1e4122b9277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Wed, 07 Sep 2022 20:54:17 GMT

GET
H2 200 ot_multi_template.js Show response
fo-static.omnitagjs.com/ 499 KB
121 KB 182ms
44ms Script
application/javascript 23.48.23.37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-static.omnitagjs.com/ot_multi_template.js

Requested by

Host: fo-api.omnitagjs.com
URL: https://fo-api.omnitagjs.com/fo-api/ot.js?Placement=5d47f6a21daebe6e760c57ae32f328ef

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-37.deploy.static.akamaitechnologies.com

Software

ayl-lb-fra02 /

Resource Hash

d252650548ab4da37085c132e675a172fcd65c2bb80c176c1a392226b7ef4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.expressio.fr/
Origin: https://www.expressio.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-envoy-upstream-service-time: 0
pragma: public
last-modified: Wed, 29 Jun 2022 12:27:06 GMT
server: ayl-lb-fra02
etag: "62bc451a-7cac7"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=503
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type
expires: Wed, 07 Sep 2022 21:02:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 163ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.expressio.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 91ms
33ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.expressio.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 525ms
473ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2514595001283602&correlator=1782562055949061&eid=31068458%2C31068920&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fif&iu_parts=2629866%2CExpressio_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=2335186413&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662584057342&lmt=1662584057&dlt=1662584056750&idt=566&adxs=1037&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.expressio.fr%2Fexpressions%2Fcles-en-main&frm=20&vis=1&psz=325x785&msz=302x602&fws=512&ohw=0&ga_vid=1367390835.1662584057&ga_sid=1662584057&ga_hid=240868672&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3d77c678e6b1fc09529a3fbc4e5be6c349aa4bae941d291e80bd07dff4254a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8024
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.expressio.fr
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 50C6 6 KB
4 KB 154ms
33ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressio.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 20:54:17 GMT
expires: Thu, 07 Sep 2023 20:54:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 marketplace Show response
fo-ssp.omnitagjs.com/fo-ssp/ 12 B
142 B 141ms
58ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-ssp.omnitagjs.com/fo-ssp/marketplace?Attempt=ff994b1ae81894ed5d47f6a21daebe6e&Campaign=e2a82912438eaa7d2f234f778f82c274&CanonicalUrl=https%3A%2F%2Fwww.expressio.fr%2Fexpressions%2Fcles-en-main&Origin=https%3A%2F%2Fwww.expressio.fr&Source=SSP&Url=https%3A%2F%2Fwww.expressio.fr%2Fexpressions%2Fcles-en-main&player=ima&_=1662584057438

Requested by

Host: fo-static.omnitagjs.com
URL: https://fo-static.omnitagjs.com/ot_multi_template.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.expressio.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:17 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.expressio.fr
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 38
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 12
expires: 0

GET
H2 200 pixel
tracking.omnitagjs.com/tracking/ 49 B
94 B 77ms
23ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.omnitagjs.com/tracking/pixel?event_kind=PLACEMENT_MATCH_BROWSER&attempt=ff994b1ae81894ed5d47f6a21daebe6e

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:17 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

GET
H2 200 pixel
tracking.omnitagjs.com/tracking/ 49 B
235 B 76ms
21ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.omnitagjs.com/tracking/pixel?event_kind=AVAIL&attempt=ff994b1ae81894ed5d47f6a21daebe6e

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:17 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 128ms
72ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1298521da7c18ba85a26ac1bd3528e4b93a934183a5685aeae2b35a674cc67b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11162
x-xss-protection: 0

GET
H2 200 pixel
tracking.omnitagjs.com/tracking/ 49 B
93 B 24ms
24ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.omnitagjs.com/tracking/pixel?event_kind=INVENTORY&attempt=ff994b1ae81894ed5d47f6a21daebe6e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:17 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
content-length: 49
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 110ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 20:54:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A54 13 KB
5 KB 78ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressio.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 10239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 18:03:38 GMT
expires: Thu, 07 Sep 2023 18:03:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9FB9 783 B
1 KB 92ms
35ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

296c3299aca992541615899c9d9f3e515f734a6ee555559e0a2f2e392d5fb88c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a0MNhHxsFboegHWnUsWkOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressio.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-a0MNhHxsFboegHWnUsWkOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 20:54:17 GMT
expires: Wed, 07 Sep 2022 20:54:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3543 6 KB
3 KB 77ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressio.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 20:54:17 GMT
expires: Thu, 07 Sep 2023 20:54:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FB9 0
0 110ms
58ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=2514595001283602&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A54 36 KB
16 KB 70ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:23:25 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8966 624 B
974 B 125ms
64ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBENO2Txic8pvPATAB&v=APEucNV2smhXlflzkoUFXW_kdaow_Ix22969YNvhKl4JlDPHpvGChkj3DE7MPEXqosK6_5PNlbzeqxlDZJHxxkbrea0ORi_inN23B-LUziJYrJYHMaR9or7zayZf_7FGg6PMaLohMYGK_W4KuwcnOe5N46aiWixzjRhuSH2dr-Yf5WdpdegnMfs1OJ9I9xbvb_kUDP405PKiuByDeEwc9xqooOEG9tnNKw

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 20:54:18 GMT
expires: Wed, 07 Sep 2022 20:54:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3543 82 KB
35 KB 134ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWwuMF53guYf15rY_B8zN3IyeYAJRMu_3nOBIrTkf5-sCWhYJPe3wNPHJxXf4-CKCToh1iVkEEZ7o1eo9J_43EOn9THoGQqU5BaMl93RWBJTq3nGbtsGV5-4yzMsCCKpGAoAQr9C1WsQBEyNj6jo0avHq05g&dbm_d=AKAmf-DiYJgq_SWzIHieimxPCY2LGuSSuYmURb0tjb28L_F9bw0O5O_gkXazXjPgRNJCLN8PSqoxe_NidCAd7LVgm_BwY6zfAiVh7c0xjrwvwFct2sP767hSu7J3V9CvrhXUjHz2i5Ih_fiuleB8ZAiTmJY-Craj_5VJ3SGFiJSznXe7teQ_KYFKar_AUEUY33ZlUNTFQvW_1Xv-J64GigmImpOQX_UiDdYZkxSrPSzcBF-jm2pZH6d-E9Ya_Ev4cGmL9fDSw-4ahX8zx4NDSZmVb408s5uS5fTN9x7aYxqXZtSRNKKZaB8SkCjKcsU379XjxeH2DTgcTOZ8S3TFlltON6SX_dvUHSGBR0DbcKL3Cq72Eje2GHfDJcTAl3gMrJTJc31rAEuFzCsO999r0KZN2h7r88w8eQzz6XQV-TG8OtW2bTMeJWRd0-FbUd6jlh5UrohRz1txS3-SHZyxkLTdY3GJWF2QgwRGwrh_al38cCS3W9tY0LpId1HmMA2CbFhrw3uHpPjlpW6IHtTiXQ1PdCFCwc0fs_QI_LG-C_xw5rph_ik3-s9TMZQ4KfgQ4gdvAcxXewEZJ5VvsstCiS9cg0kwsnpkvFydwtdkz6e1CMbCeR5ZIhDsQjNBMewXVhyTu4XAqILp_IDlb73tgpSUVL2tJzbGB0Q-gL74VWZK_LK4yp5RFphJiGrsgM3SvvGICSjMM748dOOK7oBtiqtiV74_u7NzkwOYLbkDbFbu2nEewco7ZEUtbmFKN4ZSwV5IhAUMLqM_evD-qJEieHck5ICjCMm4TXy9Tp9XIWNSLFOVCuaT_2WpaW8yAbcOmytkzlZ-9NAsgZFnU-_xH-nWoxpE8n7dhJOevtxffIUOmB3ItcwRjsxp7_MW0dMpxyO2yiJMBrzM_ftQOJJ1GsG-6PFgP-nJLC5Pxsdci48-qr4DRa953uyJvzUYrRt00S9PBQ3SlD7d0nriObvKyK6cP6W8QE6Da_Cdgc67GbGY9nBFM4XGOiWMaWExHVAAqmsl1UTrHD9kLUlTqwXEBTJg5XewFLcrggiOEUJfvwcttVKZkdJ9hGz8vEbjS8t42Rp097giBaSHWPxLhqHqMpXu4rIviYabykQ3-o_brNLSqN7k7F9qa2Wufzo1kcQHe3vvM2QA9kX7VGjkTSxKMqD5yZ7THU4vuHhYXNrjljlZfMt14-7PVlx06nTC6hk1aLaV7hp1PpsPjpo3ngFNk1z0q_pfp5Ds6-dXbnEwzc-BPD8FLJ6xy8-ktn4rGqooVlrUQBA2M86mrgbM0yzXEYOMEHsGGK_Kl4rPgcVbeCz2zGQsAB-9BbUayxTguUdpT5qY3nyoIh-31wHZsE87QWkVOPW_ob187o0KWRk_poRdVhgVu5DQs-SAxrXl0abkJNdDqhuCMEiChq3lKCYTpd2TsPJKfr55Xq8KIGCEDBziEZfNeiPwmrOIf-qx2hw1m8BQkhPudBCvNYSRvwq5SILFeNSdmuPWhUJuRbRXQm2aVrYiM-UAgzXqHKniItY2-dpFhKWdnz300Rx0Xfoxvkxs2cAHhkNxpGBIj_RvAPEp6tY5VQNFbzxZ-8QkzSaYbNXE9EJKU-aF6hYvPZU95pPi3dCfmLN5TTTUKI09b_8pVewSyiKgVPhQBEwZAHGnk28LlvCNLVuPu2JNOuvdnHHs64auNqmjs9mGF82fEttMJNupJXm9LmVACxkRpQMcyOaY7OyQY8pCAdIFv0uwbNaDdX-p_5dMJa5cL8ZYCrG4rJDYX89XUkaU5YIKxkAozFN2vbkp-h8V7mWjJMxzNTI8uS3HIsFndbURIabjN1Hgn0tEwEn75ybZCBpN3_Ucfqj3KEUlXZcztjeqemKwi9jlM6x6cssW--zj74RpCCmkJk5UMc4TYIUtMBq351wj24RD_toLyjDls5fwi-B1ckBlQPH6R8dvA9JqCcpKQZkXzTl9_0qWetSeIylMaskMVPeST-zRwZKvZsR7WxNgeDtzjiEVjEpncLwLTfrp25IzeF44MJnUWerLmJL6nbprB3JwUSsR2E3EPKPRqgdglPVd9nENDn3_SRS7LSgNPurt8DXCL4ogxw-IKd2YX_TBMptJB4kVWVHnfKJkAr-L20OeFjsah2NC1YsHxAHMyuBkgY98518P-msc7V2yzms_Y6rfXV9dKLcIptcYRIrXVL76GMd0pxlVQ2PogekU5JcKmJizzfG2jS5uKKd4QItsSaKpJvozLUQ75kz-j8qtSAYU6KntHI4zmiLW1jAN9lsRDWFW_HvDN3ALkDS0HIqdaCyLRxmxhThX3P8vvyD3hnjTSKBucaz0nqL5emZbrtZW-MpqsztlXrNx5RxBI3_bF1jeQ7_UkcJztkz6BrqrkTTyCTAkWKe-hz_Ai4_qp4O6Z_t4pVfwALK1NqudnyQUFgzLHHFHywZ3YouvWmky7-kJMeTyFKz01gXnFFmMAqQxjFn84xz8DzDuMoY4W5uLTUh1lIAATE3i3TQFqGiNWmvN8yg55Aot6RWxTwxlD5DwAkAE0IMdMg2tq3eL090JQNpOy9IOSxUWedllDhmTfSgQo68c9M0p_VLIkHSG3fE8NcHUe36WdpDDHkZt-KWimsBatllI9YG9dxm1VlGc9U4SR65RAiB6sAfDJqlPjLe7tTmbGKzJcCYh_Vd2e9F-cWBwXXUMDE8cA-Vj_Qw1mjUuGSlfQWfNDXia3lIoAtq8SvefJ2k1CX2LyhLAXfPlLoubQ2eKW9IH-OG1D_lY-A4J8165kzFUjYIwtiyGXj5Cj4fUr1V4fCQPPJ7nlCEmnavB6XkE1liL4g6B_Yzu3Mrl7up2zfwKWYYnXSOkKT3o1QV7j8zJC37VzuRNOFyi5gIJonEiGqLn_ipQpxhWnyXN-ddFzM0jE0ddoJ0z-kW98tQOkmKcFF15ttvGBog73Cx60VRdu1_iPVAENrE9TETjAHN8VP2SFuFKqxN1aCn1G-My1fTfIC-prELAqfwpX-lTm4i9m_TtBeUXLoFdQrRpO9u1p94UpkovBDuyLXMLGdsq2GqYe5qjsVF6Yu_uJKt8NUzF1YxKl_pp9SEBalKZGnWz6CTz2LNGA8PLqgOmGBg0lp40ztqFJTA75uQdTSmBPNRTnDnWsX_4UXg7iIJf405BujUEeCHG_qrDbamD6CZEiY39Ob1Mo9XrW6vLQhXuBvbHrfwxD9XVYqA63t1w5FuAZE-bL828q89anKaR9cAIZW-yluo&cid=CAASJ-RoqWoIrLuJZ4ytyObvd1KF2phEH2L8iEdTp4RpeCnorzD42fhOIw&rfl=1%2Chttps%253A%252F%252Fwww.expressio.fr%252F%240

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4cf85357351fa2f59db735e7b56956ed364c7bc0ef5577ca17d20de02ca60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35147
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3543 42 B
63 B 60ms
58ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_fQyDY62k0GH8MueOE510ylk5myIvq_XOnOOXM4e-9mu5hPqHkza7fcxIOiWS3Ewx2aBCjHAsm6Hk_LmC7aPW2Ri03KoO2ymtCL_8d4w5HizhOnw

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 3543 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 20:49:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 3543 17 KB
7 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 20:53:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3543 0
0 89ms
34ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToOh6xG2ukTfG58KHXzyPuvvfznuwr9FPDrkrKAl8rg3fXc9QBfU4LuvdnlD57NFR7xflcyk4LldspBAbmOpZO3R_DBQ
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3543 142 KB
44 KB 96ms
43ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2A54 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vjPZGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8966
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELC4WppMnTpWX_s554httfM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELC4WppMnTpWX_s554httfM&google_cver=1&C=1

43 B
843 B

108ms
107ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELC4WppMnTpWX_s554httfM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBENO2Txic8pvPATAB&v=APEucNV2smhXlflzkoUFXW_kdaow_Ix22969YNvhKl4JlDPHpvGChkj3DE7MPEXqosK6_5PNlbzeqxlDZJHxxkbrea0ORi_inN23B-LUziJYrJYHMaR9or7zayZf_7FGg6PMaLohMYGK_W4KuwcnOe5N46aiWixzjRhuSH2dr-Yf5WdpdegnMfs1OJ9I9xbvb_kUDP405PKiuByDeEwc9xqooOEG9tnNKw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 747256bcad4399ae-CDG
pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k4preqqJt1JN3%2BrpfTPbRfLS97bRzoGOBbHUAQBvvJnFTimvK8lotjY%2BVzalA9IMHJUktFF8SvMW%2BodpqY8UnMtCloqpOophnqANCNR1nd9JY3BVVdFXKKhcHHnuX93vcjub7kRvYDSOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGWu9DFWWWAp%2B3AF1xVcTHc%2Bnx3HkM7rxJG7GR3M52LhJ7wNInAIYG5MtWNe%2F6eq3cTLImYtvxNy1q%2BiPVdggZBzUS%2BXzbgq2LNit1nKjbRu2b5AZO3QkGaaychQS5PDXb1qjpoX80EcqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESELC4WppMnTpWX_s554httfM&google_cver=1&C=1
cache-control: no-cache
cf-ray: 747256bc4c0ed3ec-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8966
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxkE.rRa5Y1pWRriyNv3FwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDooCbRkM48iVUGkI-Jy9mQ&google_cver=1&google_hm=2

43 B
850 B

66ms
66ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDooCbRkM48iVUGkI-Jy9mQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBENO2Txic8pvPATAB&v=APEucNV2smhXlflzkoUFXW_kdaow_Ix22969YNvhKl4JlDPHpvGChkj3DE7MPEXqosK6_5PNlbzeqxlDZJHxxkbrea0ORi_inN23B-LUziJYrJYHMaR9or7zayZf_7FGg6PMaLohMYGK_W4KuwcnOe5N46aiWixzjRhuSH2dr-Yf5WdpdegnMfs1OJ9I9xbvb_kUDP405PKiuByDeEwc9xqooOEG9tnNKw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 747256bd5eec99ae-CDG
pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcSy%2BOT58EWNjyPXvfCAWxSBnSRsnCq5ZcZrK4TQa88URmAb4goL6nOnXSuau3YVxBo%2FjO4j%2BI11hfRftSQ29DLaDa0wN%2BFaaNRmIkiB7JStZVXRHYpQY0P51Ff%2Ft5UJNU7l%2FhN6phJ%2B%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDooCbRkM48iVUGkI-Jy9mQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8966
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzz5Fh9JqG3lx_kLbtfRJQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKzz5Fh9JqG3lx_kLbtfRJQ%26google_cver%3D1

43 B
1 KB

32ms
32ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKzz5Fh9JqG3lx_kLbtfRJQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBENO2Txic8pvPATAB&v=APEucNV2smhXlflzkoUFXW_kdaow_Ix22969YNvhKl4JlDPHpvGChkj3DE7MPEXqosK6_5PNlbzeqxlDZJHxxkbrea0ORi_inN23B-LUziJYrJYHMaR9or7zayZf_7FGg6PMaLohMYGK_W4KuwcnOe5N46aiWixzjRhuSH2dr-Yf5WdpdegnMfs1OJ9I9xbvb_kUDP405PKiuByDeEwc9xqooOEG9tnNKw

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 20:54:18 GMT
X-Proxy-Origin: 37.59.164.102; 37.59.164.102; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cbcb233c-4f95-4b21-9bd8-6df1813afd49
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 20:54:18 GMT
X-Proxy-Origin: 37.59.164.102; 37.59.164.102; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6e5168a7-738e-4a4e-914b-5702ff5549ae
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKzz5Fh9JqG3lx_kLbtfRJQ%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8966
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NDQxMjkwNDEyOTg3NDA5

170 B
188 B

85ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NDQxMjkwNDEyOTg3NDA5

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 20:54:18 GMT
X-Proxy-Origin: 37.59.164.102; 37.59.164.102; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: afd8f043-e8cd-4a05-9bc1-a504946881a6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NDQxMjkwNDEyOTg3NDA5
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3543 170 KB
59 KB 108ms
24ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
Origin: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Sep 2022 16:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame 3543 8 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWwuMF53guYf15rY_B8zN3IyeYAJRMu_3nOBIrTkf5-sCWhYJPe3wNPHJxXf4-CKCToh1iVkEEZ7o1eo9J_43EOn9THoGQqU5BaMl93RWBJTq3nGbtsGV5-4yzMsCCKpGAoAQr9C1WsQBEyNj6jo0avHq05g&dbm_d=AKAmf-DiYJgq_SWzIHieimxPCY2LGuSSuYmURb0tjb28L_F9bw0O5O_gkXazXjPgRNJCLN8PSqoxe_NidCAd7LVgm_BwY6zfAiVh7c0xjrwvwFct2sP767hSu7J3V9CvrhXUjHz2i5Ih_fiuleB8ZAiTmJY-Craj_5VJ3SGFiJSznXe7teQ_KYFKar_AUEUY33ZlUNTFQvW_1Xv-J64GigmImpOQX_UiDdYZkxSrPSzcBF-jm2pZH6d-E9Ya_Ev4cGmL9fDSw-4ahX8zx4NDSZmVb408s5uS5fTN9x7aYxqXZtSRNKKZaB8SkCjKcsU379XjxeH2DTgcTOZ8S3TFlltON6SX_dvUHSGBR0DbcKL3Cq72Eje2GHfDJcTAl3gMrJTJc31rAEuFzCsO999r0KZN2h7r88w8eQzz6XQV-TG8OtW2bTMeJWRd0-FbUd6jlh5UrohRz1txS3-SHZyxkLTdY3GJWF2QgwRGwrh_al38cCS3W9tY0LpId1HmMA2CbFhrw3uHpPjlpW6IHtTiXQ1PdCFCwc0fs_QI_LG-C_xw5rph_ik3-s9TMZQ4KfgQ4gdvAcxXewEZJ5VvsstCiS9cg0kwsnpkvFydwtdkz6e1CMbCeR5ZIhDsQjNBMewXVhyTu4XAqILp_IDlb73tgpSUVL2tJzbGB0Q-gL74VWZK_LK4yp5RFphJiGrsgM3SvvGICSjMM748dOOK7oBtiqtiV74_u7NzkwOYLbkDbFbu2nEewco7ZEUtbmFKN4ZSwV5IhAUMLqM_evD-qJEieHck5ICjCMm4TXy9Tp9XIWNSLFOVCuaT_2WpaW8yAbcOmytkzlZ-9NAsgZFnU-_xH-nWoxpE8n7dhJOevtxffIUOmB3ItcwRjsxp7_MW0dMpxyO2yiJMBrzM_ftQOJJ1GsG-6PFgP-nJLC5Pxsdci48-qr4DRa953uyJvzUYrRt00S9PBQ3SlD7d0nriObvKyK6cP6W8QE6Da_Cdgc67GbGY9nBFM4XGOiWMaWExHVAAqmsl1UTrHD9kLUlTqwXEBTJg5XewFLcrggiOEUJfvwcttVKZkdJ9hGz8vEbjS8t42Rp097giBaSHWPxLhqHqMpXu4rIviYabykQ3-o_brNLSqN7k7F9qa2Wufzo1kcQHe3vvM2QA9kX7VGjkTSxKMqD5yZ7THU4vuHhYXNrjljlZfMt14-7PVlx06nTC6hk1aLaV7hp1PpsPjpo3ngFNk1z0q_pfp5Ds6-dXbnEwzc-BPD8FLJ6xy8-ktn4rGqooVlrUQBA2M86mrgbM0yzXEYOMEHsGGK_Kl4rPgcVbeCz2zGQsAB-9BbUayxTguUdpT5qY3nyoIh-31wHZsE87QWkVOPW_ob187o0KWRk_poRdVhgVu5DQs-SAxrXl0abkJNdDqhuCMEiChq3lKCYTpd2TsPJKfr55Xq8KIGCEDBziEZfNeiPwmrOIf-qx2hw1m8BQkhPudBCvNYSRvwq5SILFeNSdmuPWhUJuRbRXQm2aVrYiM-UAgzXqHKniItY2-dpFhKWdnz300Rx0Xfoxvkxs2cAHhkNxpGBIj_RvAPEp6tY5VQNFbzxZ-8QkzSaYbNXE9EJKU-aF6hYvPZU95pPi3dCfmLN5TTTUKI09b_8pVewSyiKgVPhQBEwZAHGnk28LlvCNLVuPu2JNOuvdnHHs64auNqmjs9mGF82fEttMJNupJXm9LmVACxkRpQMcyOaY7OyQY8pCAdIFv0uwbNaDdX-p_5dMJa5cL8ZYCrG4rJDYX89XUkaU5YIKxkAozFN2vbkp-h8V7mWjJMxzNTI8uS3HIsFndbURIabjN1Hgn0tEwEn75ybZCBpN3_Ucfqj3KEUlXZcztjeqemKwi9jlM6x6cssW--zj74RpCCmkJk5UMc4TYIUtMBq351wj24RD_toLyjDls5fwi-B1ckBlQPH6R8dvA9JqCcpKQZkXzTl9_0qWetSeIylMaskMVPeST-zRwZKvZsR7WxNgeDtzjiEVjEpncLwLTfrp25IzeF44MJnUWerLmJL6nbprB3JwUSsR2E3EPKPRqgdglPVd9nENDn3_SRS7LSgNPurt8DXCL4ogxw-IKd2YX_TBMptJB4kVWVHnfKJkAr-L20OeFjsah2NC1YsHxAHMyuBkgY98518P-msc7V2yzms_Y6rfXV9dKLcIptcYRIrXVL76GMd0pxlVQ2PogekU5JcKmJizzfG2jS5uKKd4QItsSaKpJvozLUQ75kz-j8qtSAYU6KntHI4zmiLW1jAN9lsRDWFW_HvDN3ALkDS0HIqdaCyLRxmxhThX3P8vvyD3hnjTSKBucaz0nqL5emZbrtZW-MpqsztlXrNx5RxBI3_bF1jeQ7_UkcJztkz6BrqrkTTyCTAkWKe-hz_Ai4_qp4O6Z_t4pVfwALK1NqudnyQUFgzLHHFHywZ3YouvWmky7-kJMeTyFKz01gXnFFmMAqQxjFn84xz8DzDuMoY4W5uLTUh1lIAATE3i3TQFqGiNWmvN8yg55Aot6RWxTwxlD5DwAkAE0IMdMg2tq3eL090JQNpOy9IOSxUWedllDhmTfSgQo68c9M0p_VLIkHSG3fE8NcHUe36WdpDDHkZt-KWimsBatllI9YG9dxm1VlGc9U4SR65RAiB6sAfDJqlPjLe7tTmbGKzJcCYh_Vd2e9F-cWBwXXUMDE8cA-Vj_Qw1mjUuGSlfQWfNDXia3lIoAtq8SvefJ2k1CX2LyhLAXfPlLoubQ2eKW9IH-OG1D_lY-A4J8165kzFUjYIwtiyGXj5Cj4fUr1V4fCQPPJ7nlCEmnavB6XkE1liL4g6B_Yzu3Mrl7up2zfwKWYYnXSOkKT3o1QV7j8zJC37VzuRNOFyi5gIJonEiGqLn_ipQpxhWnyXN-ddFzM0jE0ddoJ0z-kW98tQOkmKcFF15ttvGBog73Cx60VRdu1_iPVAENrE9TETjAHN8VP2SFuFKqxN1aCn1G-My1fTfIC-prELAqfwpX-lTm4i9m_TtBeUXLoFdQrRpO9u1p94UpkovBDuyLXMLGdsq2GqYe5qjsVF6Yu_uJKt8NUzF1YxKl_pp9SEBalKZGnWz6CTz2LNGA8PLqgOmGBg0lp40ztqFJTA75uQdTSmBPNRTnDnWsX_4UXg7iIJf405BujUEeCHG_qrDbamD6CZEiY39Ob1Mo9XrW6vLQhXuBvbHrfwxD9XVYqA63t1w5FuAZE-bL828q89anKaR9cAIZW-yluo&cid=CAASJ-RoqWoIrLuJZ4ytyObvd1KF2phEH2L8iEdTp4RpeCnorzD42fhOIw&rfl=1%2Chttps%253A%252F%252Fwww.expressio.fr%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 20:45:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 3543 30 KB
12 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 20:45:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3543 41 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 3543 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1406f66685143fe45c25494cfc49af12b57d55848807820461674e2acc50b83c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B395 22 KB
8 KB 25ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 479001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame B395 36 KB
16 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:23:25 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/essencedigitalemeav2553596143685/ Frame 3543 325 KB
110 KB 129ms
25ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/essencedigitalemeav2553596143685/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a12a7412263953546b69bfae725d85947486bf68b9823f6db1a77951623f2426

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 19:16:35 GMT
server: AmazonS3
x-amz-request-id: RYKJA3TQ3XMAJD2T
etag: "72ace50a3190583a0422401183b62b4f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51633
accept-ranges: bytes
content-length: 112236
x-amz-id-2: FxAzjMWVQbsg7kP1DnP/UVPcBgXIlJzaQr2k9j7WOGsne0t8TCplmCg+z+pzKWOKM3eB5zxDkRM=

GET
H2 200 beacon Show response
tag.researchnow.com/t/ Frame 3543 42 B
443 B 127ms
35ms Script
image/gif 18.66.15.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.researchnow.com/t/beacon?pr=287236&adn=3&ca=28124059&si=6036527&pl=341388406&cr=174256096&did=ADID&ord=3527843853&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-103.vie50.r.cloudfront.net
Software: Apache/2.4.54 () / PHP/7.2.34
Resource Hash: 8f84c4ced509262009163e45994b45ed7ee9d4dbac88674be5f2db5c9e5be38e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:45:22 GMT
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
server: Apache/2.4.54 ()
age: 536
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: VIE50-P1
content-type: image/gif
content-length: 42
x-amz-cf-id: u-a1XS6mlEsiUcjn5eBeZJy_Dix5v161DYnmMxQZNPhm7y7H2gJWhg==
expires: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10259358282099458048/ Frame B6DB 732 B
421 B 84ms
33ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb5daf130a35d6c9323bb6c4c5487d74f05b8e36fded2965c2c25ee56d71de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 393
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 20:54:18 GMT
expires: Thu, 07 Sep 2023 20:54:18 GMT
last-modified: Fri, 12 Aug 2022 13:17:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3543 0
622 B 145ms
72ms Ping
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUAZtA2hSMlBhdySvp4wfWlOUMeGSE02CeN9xBvU6NngexnuH-AJK_HbOfMhqaIAFjCrSrgLpxDyiuNcK6QRPdseu_Q211n8dlS5ftEJQ6Lci56sus9kQcxppQbpVJzDmXxseRkTyeuJ330ArG-YPLJuzpyZb1Z4bNiXRbF5ii7u4xPUlb1qfXTbWyeOIY1dEfgl6ClU1Sy3h89vNfA2glFxOqeyrUolrkRhHIM_ehj4kqEJsVa5p_2tiZlaNmYaGW0rPZUciWHQuSkLD9bouw0YAn0MxfNhsH3ULAd2hM5T-iR2ygDAXyYxccixxrv4dMbeOspJM08ae8ykocyHsZ6hUio47BV8j3JZJAHzWpIcMYuMDnF063UPctMiKLuDHRUALXis-urKSOCxOmjwqLySqWuc1ZtBvfjBx_r-C_9Yl7IhsBIgMOIrr76SxwtpDOHWClyA4l1L0_2adLjNYdHdeoBXI5mDEVMct7hHDQeQVLQO8ebuIPmdSQ9XWrbFJC1E7S2trGoKp8qDPXIrMc_gldlVRU5PJu04HzYXo7uMtjaKDD8MEsgBUj83J65crTiggWCZx_Z3vXXPPlbT59fiOCTmQ0AlGC7uKJ9pkPCTi59VcQ7s4yq3oFQVn75K6wgm7h52TS2wnCLSRSVgqlEquLiP4-3cO5YrmiGj8--qUIK2KJbTYj8AOFeNy1QOWCL7GKcCbSd5jVhzRQ8vJNUnfuxg0If8vQY3x1EOdriKdhMn-ogOVWrioL1-Yre4RRecdVS3Rgoo0lyADjauZZgKVG9XEgHgxvDG73AyuR7UpHzjViwFlUGJkjBmf1yVe5mDCS2ZmqDu9UmVk-dfk9IyV5NrKMhxjqsFw43V3irD2bNzyBF0vQYtX7rFtB3I-aNoNkMzR9JYWIQGCgfriH82BB1D31soDteTqnGJaUb6s2gz9d6U5b8JfE3L1rz_RUi-XmbwLWhCvzBkZ2Ur9lSGKPBTgzIkVnSezq92Gpq4fs-iU3gWSVk5OSQai_4ojrJCAidHOTiAO9jXzqyH_xmwbrpveJjk0CjCm38mVywXVNw3XQA98wzdJtwnIHz0-Zokdy2XfkfOIAhXSOvH6eRcJuAzEBKoB0_CWVIF10cC2andJxT-DZzCGQ1UQrEtUn_1SxTNbPSm2HUvvUBVm4wzv_prIOykeISQjVkP3Mj4CLadN43k2djqA&sai=AMfl-YTesidaEBtoCzfLEUZp7s4HV-S2u0QP_Ov_QUxvukI_7C2ki9HdU-okBOdA0QGerl-Z_fC2pIk_mqUh_hPp1Dbvj2ud7lRuAEMI7rugRkzxg_wxlETyuum-dbvCLXW-SgH0_40GSayUUQBe_olH9NA8l12lssfJQ_SHsPYC3r6zAUfTikSN3Z6bUdeW6V_nPNAWANMp-WkqeTxeqVKMOfl3HQrUGOA&sig=Cg0ArKJSzEl96JkPIwDQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=169&cisv=r20220901.14313&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 07 Sep 2022 20:54:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B395 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6o5Y-gQZY8edB_TE7_UPpZCTuAwAAAAAOAHgBAI&bg=!X1ylXBjNAAZTikH4c4o7ACkAdvg8Wqj09jrF0p0T_KSwsqLmZQfzyqrryh30JQ3f0hqBXOUl0s6zOgIAAABbUgAAAAJoAQcKADRe2FA5gjABoX7NzQpOrPzzmxHsHs-glrz9XTzBnmLFc2BmtWlD4JsnCnkP-S76PwZpvAZ1mQL50DKfZ24j1jhoY9Bmx0Janja3hU6lx62SmqCGUSxcHcABaShVI4puRfq_pNDGuYTNRSoPNcQwPCt_l-gOIbktvUO_e8CAp3pUhXKiWdtsqAWfyFc6h7LSo8PGRoyoxIf_2yNWMVDeAxdY-FZIINQRuTS_ilCQnWRyOQz4pNCt5yTGZQDqe5rg1eIW_KuDPRwRxDu22-epiaJFHEwZwVGeTzEvm_0q_uT0zXd95Ycq0tRtKHuG5fFH-_mqQJp3H8KsU3tjkI-EZ58fZXFzSmrLDl3n8vq6cXUk41R5XzTvUnl5BQQfXjl5N6Bb9D0X7CWnTTbNtfS3lR1yaAUnJyTb1-1s3YhC3QbVwgcWjZiy9j05WtzdqeNSWbgSn8xYQPwtFPAGdtIMrvmuiY0UGC65rlMokjLK02nLKAy4o9nmm219IZSfbR2jbfsTauXlVsfb9nQkF1sWYH8_YWbA30BzW0tUwve9ikb0Y-1kXeUWsLgYRVrW_mP74YYG74gsk6qiimABrVb82z-yq9DIPXCw0ZV3mf959HqAEyWfdEV9E7gLO9qjeDzQC9vpTsf2dpzqMvXXNmwD9xOXNPx2vzcay1lWMZHw-xFuv6vxICKkHxIFTCuzeusc4JZ1IbPoEMylqnE441uHFNe3BZr29G7Ar0EWNc1o5jhmkj4rrQJdvLl_dyzacfGQFp_O8oQTftiBhoz8KvAQfQs7kgy-F54EjID9Enx6DxQ6YzvRXcpq9N0JdNxf_q82QnV4rbkLbhJJ-xmnQFWhnnqcYUNY6FCxhaPqu-TwTKoMQr4WXX_XwOnYPvF8Rf5PytmOWKXQuicgeV7rvP4jZcRKzz0OElKc4hVIQycXUFqH9k9b7pWACoIX4fcdg5X7awrIe4ZnasResitmjK0ZfMsDJt-oYPplCF8Ouz0GFg9ScRjp9CEICWAC4cl0U4zFLQzH1l1MAqnJsQdAC5ekcFpD8SAVTWjnLeVtf58yLFs8BvHNvg0JXs3S7mRZw2xnbkk

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B6DB 3 KB
523 B 85ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans:300,%20400,%20500,%20600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

675aef39398e55ee5a834bbc25e5d3105efb02c5f6e35d8bd4235a3f4be10ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 20:48:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 20:54:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/10259358282099458048/ Frame B6DB 8 KB
2 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10259358282099458048/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59e43d94cd32f684f5b13526d0d110752105600cd936e277257dcacbb75de83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1768
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 13:17:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 13:19:54 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B6DB 57 KB
23 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B6DB 118 KB
40 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Sep 2022 07:51:00 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/10259358282099458048/ Frame B6DB 9 KB
4 KB 41ms
41ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10259358282099458048/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b1bd3ff92cff335e4fdf33f9f5920cebd56c33543636c50b16258a7e9384354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3729
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 13:17:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 13:19:54 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/10259358282099458048/ Frame B6DB 26 KB
5 KB 38ms
38ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10259358282099458048/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21bd6a4cf4d95cb4ac2c2fc98b6c9faa525f0ba66a3b39d9a65fdc08f95676d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4854
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 13:17:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 13:19:54 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3543 0
26 B 115ms
64ms Ping
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUAZtA2hSMlBhdySvp4wfWlOUMeGSE02CeN9xBvU6NngexnuH-AJK_HbOfMhqaIAFjCrSrgLpxDyiuNcK6QRPdseu_Q211n8dlS5ftEJQ6Lci56sus9kQcxppQbpVJzDmXxseRkTyeuJ330ArG-YPLJuzpyZb1Z4bNiXRbF5ii7u4xPUlb1qfXTbWyeOIY1dEfgl6ClU1Sy3h89vNfA2glFxOqeyrUolrkRhHIM_ehj4kqEJsVa5p_2tiZlaNmYaGW0rPZUciWHQuSkLD9bouw0YAn0MxfNhsH3ULAd2hM5T-iR2ygDAXyYxccixxrv4dMbeOspJM08ae8ykocyHsZ6hUio47BV8j3JZJAHzWpIcMYuMDnF063UPctMiKLuDHRUALXis-urKSOCxOmjwqLySqWuc1ZtBvfjBx_r-C_9Yl7IhsBIgMOIrr76SxwtpDOHWClyA4l1L0_2adLjNYdHdeoBXI5mDEVMct7hHDQeQVLQO8ebuIPmdSQ9XWrbFJC1E7S2trGoKp8qDPXIrMc_gldlVRU5PJu04HzYXo7uMtjaKDD8MEsgBUj83J65crTiggWCZx_Z3vXXPPlbT59fiOCTmQ0AlGC7uKJ9pkPCTi59VcQ7s4yq3oFQVn75K6wgm7h52TS2wnCLSRSVgqlEquLiP4-3cO5YrmiGj8--qUIK2KJbTYj8AOFeNy1QOWCL7GKcCbSd5jVhzRQ8vJNUnfuxg0If8vQY3x1EOdriKdhMn-ogOVWrioL1-Yre4RRecdVS3Rgoo0lyADjauZZgKVG9XEgHgxvDG73AyuR7UpHzjViwFlUGJkjBmf1yVe5mDCS2ZmqDu9UmVk-dfk9IyV5NrKMhxjqsFw43V3irD2bNzyBF0vQYtX7rFtB3I-aNoNkMzR9JYWIQGCgfriH82BB1D31soDteTqnGJaUb6s2gz9d6U5b8JfE3L1rz_RUi-XmbwLWhCvzBkZ2Ur9lSGKPBTgzIkVnSezq92Gpq4fs-iU3gWSVk5OSQai_4ojrJCAidHOTiAO9jXzqyH_xmwbrpveJjk0CjCm38mVywXVNw3XQA98wzdJtwnIHz0-Zokdy2XfkfOIAhXSOvH6eRcJuAzEBKoB0_CWVIF10cC2andJxT-DZzCGQ1UQrEtUn_1SxTNbPSm2HUvvUBVm4wzv_prIOykeISQjVkP3Mj4CLadN43k2djqA&sai=AMfl-YTesidaEBtoCzfLEUZp7s4HV-S2u0QP_Ov_QUxvukI_7C2ki9HdU-okBOdA0QGerl-Z_fC2pIk_mqUh_hPp1Dbvj2ud7lRuAEMI7rugRkzxg_wxlETyuum-dbvCLXW-SgH0_40GSayUUQBe_olH9NA8l12lssfJQ_SHsPYC3r6zAUfTikSN3Z6bUdeW6V_nPNAWANMp-WkqeTxeqVKMOfl3HQrUGOA&sig=Cg0ArKJSzEl96JkPIwDQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&vt=11&dtpt=193&dett=3&cstd=169&cisv=r20220901.14313&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.expressio.fr
URL: https://www.expressio.fr/expressions/cles-en-main

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 20:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 3543 84 B
257 B 143ms
36ms Script
text/html 54.220.177.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3233153258&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ESSENCEDIGITALEMEA1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.expressio.fr&lp=https%3A%2F%2Fwww.expressio.fr&t=1662584058571&de=855760229483&m=0&ar=5aeef158bee-clean&iw=59a4fb7&q=2&cb=0&ym=0&cu=1662584058571&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=28124059%3A6036527%3A341388406%3A174256096&zMoatAUCID=-&zMoatENV=j&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.expressio.fr%2F&id=0&ii=3&bo=expressio.fr&bd=expressio.fr&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=essencedigitalemeav2553596143685&fd=1&it=500&ti=0&ih=2&pe=0%3A328%3A328%3A0%3A327&jk=-1&jm=-1&fs=200157&na=1141889032&cs=0&ord=1662584058571&jv=322466859&callback=DOMlessLLDcallback_27345214
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essencedigitalemeav2553596143685/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.177.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-177-224.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: d3c8ad1a69487f93b4ccdbfcf65e1916894bc5005dd504439c6a0e6d97677c21

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "1ed5513adfa747853f721f0c42280dec87c958b4"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 3543 149 B
324 B 165ms
31ms Script
text/html 18.168.116.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.expressio.fr%2F&pcode=essencedigitalemeav2553596143685&ord=1662584058571&jv=897371700&callback=BrandSafetyNadoscallback_27345214
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essencedigitalemeav2553596143685/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.116.16 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-116-16.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 9c1a1564da5e4ba5ec32324b76ae52243392c79d8f9f756aef4e440ac1fb93d6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "ddd53bd39d1f3c2fc1e333ce5fba9583ff1d31b7"
content-length: 149
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 3543 43 B
274 B 81ms
24ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ESSENCEDIGITALEMEA1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.expressio.fr&lp=https%3A%2F%2Fwww.expressio.fr&t=1662584058571&de=855760229483&m=0&ar=5aeef158bee-clean&iw=59a4fb7&q=3&cb=0&ym=0&cu=1662584058571&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=28124059%3A6036527%3A341388406%3A174256096&zMoatAUCID=-&zMoatENV=j&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.expressio.fr%2F&id=0&ii=3&bo=expressio.fr&bd=expressio.fr&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=essencedigitalemeav2553596143685&fd=1&it=500&ti=0&ih=2&pe=0%3A328%3A328%3A0%3A327&jk=-1&jm=-1&fs=200157&na=219345040&cs=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H3 200 GoogleSans-Medium.woff
s0.2mdn.net/creatives/assets/3869890/ Frame B6DB 65 KB
65 KB 26ms
26ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3869890/GoogleSans-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d89e04f1ba89f51734d0127e629b67ac779b278445f88ddf00ed7fa0248d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/style.css
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:41:07 GMT
x-content-type-options: nosniff
age: 791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66060
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 12:07:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 20:56:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B6DB 7 KB
6 KB 115ms
66ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3238e65085b7cd35a441edd458a137b93aac3fce322c0718201f265786c414eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 20:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5658
x-xss-protection: 0

GET
H3 200 super-g-logo.svg
s0.2mdn.net/sadbundle/10259358282099458048/ Frame B6DB 2 KB
917 B 61ms
61ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10259358282099458048/super-g-logo.svg

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6619b0b265ee49780e71c23c37d21ff4551fd157983dcf46921cff9f1e784c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 888
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 13:17:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 13:20:56 GMT

GET
H3 200 4121_20220713024823012_fop-p6a-fr-300x600.png
s0.2mdn.net/ads/richmedia/studio/4121/ Frame B6DB 136 KB
136 KB 61ms
61ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/4121/4121_20220713024823012_fop-p6a-fr-300x600.png

Requested by

Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27291f6719400a002648994083a2996b3d0483f65c131ccafec799f9860b6e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/index.html?e=69&leftOffset=0&topOffset=0&c=deIwRqx9V1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:00:45 GMT
x-content-type-options: nosniff
age: 39213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139111
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 09:48:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Sep 2022 10:00:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=2514595001283602&bg=!5uWl5aHNAAZTikH4c4o7ACkAdvg8WvTXToIK39X8Oj5Kdo26KqMeOwR78-gFdjAbKSBIhNhTdJ-tmgIAAABbUgAAAAFoAQcKANif1OiFtWAwaJTu9jv44mh8BbdoYL38XBiSzBLOOA4covXnfMcOYRtWFj1_CD0t_re5k_CP7b-Dej3BhKaNSBc-ySIQQh1uJbJ524mpeslutME3Zd0B7k23H7LJDnJTZDExOLOXt7YooD-giV-1cyLcwOuGtuhUvDMhWWV-evg_E2caite3a9vpBfGiSpS1TjCh-KsSl0oxQvr97tbelclfRasMp103Jw8rFhLwlUQ52fsFph7DDdNRF0kGtd2kA1JoXlj2WPJyx8H26Ef5LbZflkEZYxn4qpOZApnt6NfnXaqK2qmrzKy37-Zpd2hg0aKOAtswOqL6Y8WaPx1Ed-_pVRKEIoeVKmfqYN03j9aik0uQYj723NslbYiQJlrX0PATWgEctCTYPU4iXHJq68BziRyWY3koj3k1PFz-KTrELjhQns5A34jjl5qgq6U9AdhOBXmTFPokjOgAd6mv5Bup1l9NUR3yC5ZNxwIhDIs8FVUr7kylmxyFAb8eSJ3EH4lNVaYubLqIWD8EqRHt6NlZSHupCcCUFAsj8DM6DJe-Gr0Gi6M8-1c3g8fcVxpBnuiEA57K2l18DuCtb5YwOzT8ZciULQ04LMmHymlEUFO1InSCTP7BEWA7qkm9Yx1K-X-E4PYuS_0_a5yTm4Y3zqY5Wzq5rEgd7dWxm7df7ooLwg-r75Qg3UWwTXgtAUQsGF_S7E8w6HxEuxZtKYifj-FXm1t7Y8k1YQz9QaX3BGHcJDuLUxbblOG8BMSN2QpdzOzKpYW4Oe2zisUOAEcPvSIpTkcNqDZSsY5zESw3d-S26jcbKq7jiXTUuLZ_zGcoDlk05g9LXInBc0-AgGCBDTrBUDIcftuRSaFh3hSomw_Ki01n3euiCw-WbAi2wRxu7T2gMUg7YM9mAMqHGSsLMw9cl6rYackGGex2HcmuhNNEemwyDW_Lsa_VyHtSw9HZoPRQW4ZHZA9O93oTHXjP_gBzcqEdQYaSsLLNva3raQfdGlXZ4mkh88DtFOjsaP0SVEGUycSnSTVdR_hMBEhJTTk3PhRi9GZgE8gWnLC0-fUeENMAtJLz24kUPcbh2cv6oBZdF7mNVtJCG_eHA2SLJzHpTi393_aSDfvIIlAcwTFuJ8VicqcqL8Z3tDG3vxf8dUlK2u8VZ0QLIkTHCuK5PPOUt24FTA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 GoogleSans-Regular.woff
s0.2mdn.net/creatives/assets/3869890/ Frame B6DB 80 KB
80 KB 27ms
26ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3869890/GoogleSans-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afefb815aa49f48e9aebf0e0fa1619876176b72732d5e5acfe4e6531d2c96f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/style.css
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:41:07 GMT
x-content-type-options: nosniff
age: 791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81916
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 13:52:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 20:56:07 GMT

GET
H3 200 GoogleSans-Bold.woff
s0.2mdn.net/creatives/assets/3869890/ Frame B6DB 64 KB
64 KB 43ms
43ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3869890/GoogleSans-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10259358282099458048/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b37d784bfbdc65842134522264786c58e7072e16e7d99966479989e29344eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10259358282099458048/style.css
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65888
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 12:07:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 21:09:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 3543 43 B
274 B 25ms
25ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F10259358282099458048%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3DdeIwRqx9V1%26t%3D1%26renderingType%3D2%26ev%3D01_247&i=ESSENCEDIGITALEMEA1&ol=3233153258&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.expressio.fr%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.expressio.fr&lp=https%3A%2F%2Fwww.expressio.fr&t=1662584058571&de=855760229483&cu=1662584058571&m=100&ar=5aeef158bee-clean&iw=59a4fb7&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A328%3A328%3A0%3A327&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=80&cd=0&ah=80&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28124059%3A6036527%3A341388406%3A174256096&bo=expressio.fr&bd=expressio.fr&gw=essencedigitalemeav2553596143685&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatAUCID=-&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=200157&na=705275549&cs=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 3543 43 B
274 B 25ms
25ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALEMEA1&ol=3233153258&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.expressio.fr%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.expressio.fr&lp=https%3A%2F%2Fwww.expressio.fr&t=1662584058571&de=855760229483&cu=1662584058571&m=208&ar=5aeef158bee-clean&iw=59a4fb7&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A328%3A328%3A0%3A327&aa=0&ad=58&cn=0&gk=58&gl=0&ik=58&ic=58&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=80&cd=80&ah=80&am=80&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28124059%3A6036527%3A341388406%3A174256096&bo=expressio.fr&bd=expressio.fr&gw=essencedigitalemeav2553596143685&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatAUCID=-&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=200157&na=369040048&cs=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B6DB 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H2 200 pixel.gif
essencedigitalemea2015301593033067.s.moatpixel.com/ Frame 3543 43 B
274 B 149ms
24ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essencedigitalemea2015301593033067.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=80&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=expressio.fr&L1id=28124059&L2id=6036527&L3id=341388406&L4id=174256096&S1id=expressio.fr&S2id=expressio.fr&ord=1662584058571&r=855760229483&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatAUCID=&bedc=1&vat=0&bedc=1&q=1&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H2 200 pixel.gif
essencedigitalemea2015301593033067.s.moatpixel.com/ Frame 3543 43 B
274 B 149ms
25ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essencedigitalemea2015301593033067.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=80&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=expressio.fr&L1id=28124059&L2id=6036527&L3id=341388406&L4id=174256096&S1id=expressio.fr&S2id=expressio.fr&ord=1662584058571&r=855760229483&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatAUCID=&bedc=1&vat=0&bedc=1&q=2&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H2 200 pixel.gif
essencedigitalemea2015301593033067.s.moatpixel.com/ Frame 3543 43 B
274 B 150ms
26ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essencedigitalemea2015301593033067.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=58&fi=1&apd=196&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=expressio.fr&L1id=28124059&L2id=6036527&L3id=341388406&L4id=174256096&S1id=expressio.fr&S2id=expressio.fr&ord=1662584058571&r=855760229483&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatAUCID=&bedc=1&vat=0&bedc=1&q=3&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H2 200 pixel.gif
essencedigitalemea2015301593033067.s.moatpixel.com/ Frame 3543 43 B
274 B 151ms
27ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essencedigitalemea2015301593033067.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=58&fi=1&apd=196&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=expressio.fr&L1id=28124059&L2id=6036527&L3id=341388406&L4id=174256096&S1id=expressio.fr&S2id=expressio.fr&ord=1662584058571&r=855760229483&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatAUCID=&bedc=1&vat=0&bedc=1&q=4&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:18 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame C1D8 36 KB
16 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:23:25 GMT

GET
H2 200 pixel.gif
essencedigitalemea2015301593033067.s.moatpixel.com/ Frame 3543 43 B
274 B 25ms
24ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essencedigitalemea2015301593033067.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=269&fi=1&apd=407&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=expressio.fr&L1id=28124059&L2id=6036527&L3id=341388406&L4id=174256096&S1id=expressio.fr&S2id=expressio.fr&ord=1662584058571&r=855760229483&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatAUCID=&bedc=1&vat=0&bedc=1&q=5&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3543 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHHUQrOt77LomIbh5QpxLcPkqsJApkwpaKoiE4Of1ef2HptIBTfo4AFMJ0SvKzGcwnC-h8ttMzjeND_hIt0sYXPQLpjwIqh_ffbfv4uegHFg28aK0LQkst490ykXrbbtn2csHBT2c&sai=AMfl-YRUBRRHGcXROtYR0QrqYAH318fnSSeypuin5FK29ZCeaDSB63CBV85yqKOlfc-YkJISWgA9lT1yYXdtrWC2Fiwe_jtdMnsVYqpKikzghMTj5n1eMhYCpUWpmP-I7Rg&sig=Cg0ArKJSzMKvqdhu5J5WEAE&cid=CAASJ-RoqWoIrLuJZ4ytyObvd1KF2phEH2L8iEdTp4RpeCnorzD42fhOIw&id=lidar2&mcvt=1000&p=174,1296,214,1337&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2335186413&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662584057936&rpt=320&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 3543 43 B
274 B 26ms
25ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALEMEA1&ol=3233153258&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.expressio.fr%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.expressio.fr&lp=https%3A%2F%2Fwww.expressio.fr&t=1662584058571&de=855760229483&cu=1662584058571&m=1223&ar=5aeef158bee-clean&iw=59a4fb7&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=144&lg=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A328%3A328%3A1082%3A327&aa=1&ad=1073&cn=58&gn=1&gk=1073&gl=58&ik=1073&ic=1073&ez=1&co=1073&cp=1010&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=80&ah=1010&am=80&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28124059%3A6036527%3A341388406%3A174256096&bo=expressio.fr&bd=expressio.fr&gw=essencedigitalemeav2553596143685&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatAUCID=-&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=200157&na=2126628539&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:19 GMT

GET
H2 200 pixel.gif
essencedigitalemea2015301593033067.s.moatpixel.com/ Frame 3543 43 B
274 B 25ms
24ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essencedigitalemea2015301593033067.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1010&tet=1073&fi=1&apd=1211&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=expressio.fr&L1id=28124059&L2id=6036527&L3id=341388406&L4id=174256096&S1id=expressio.fr&S2id=expressio.fr&ord=1662584058571&r=855760229483&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatAUCID=&bedc=1&vat=0&bedc=1&q=6&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 3543 43 B
274 B 25ms
25ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALEMEA1&ol=3233153258&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.expressio.fr%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.expressio.fr&lp=https%3A%2F%2Fwww.expressio.fr&t=1662584058571&de=855760229483&cu=1662584058571&m=1224&ar=5aeef158bee-clean&iw=59a4fb7&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=144&lg=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A328%3A328%3A1082%3A327&aa=1&ad=1073&cn=1073&gn=1&gk=1073&gl=1073&ik=1073&ic=1073&ez=1&co=1073&cp=1010&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=1010&ah=1010&am=1010&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28124059%3A6036527%3A341388406%3A174256096&bo=expressio.fr&bd=expressio.fr&gw=essencedigitalemeav2553596143685&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatAUCID=-&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=200157&na=1283206437&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 3543 43 B
274 B 25ms
25ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALEMEA1&ol=3233153258&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.expressio.fr%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.expressio.fr&lp=https%3A%2F%2Fwww.expressio.fr&t=1662584058571&de=855760229483&cu=1662584058571&m=1224&ar=5aeef158bee-clean&iw=59a4fb7&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=144&lg=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A328%3A328%3A1082%3A327&aa=1&ad=1073&cn=1073&gn=1&gk=1073&gl=1073&ik=1073&ic=1073&ez=1&co=1073&cp=1010&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=1010&ah=1010&am=1010&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28124059%3A6036527%3A341388406%3A174256096&bo=expressio.fr&bd=expressio.fr&gw=essencedigitalemeav2553596143685&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatAUCID=-&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=200157&na=951454403&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Sep 2022 20:54:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 20:54:19 GMT

GET
H2 200 sync Show response
fo-ssp.omnitagjs.com/fo-ssp/ 2 KB
850 B 26ms
26ms Script
application/javascript 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=ff994b1ae81894ed5d47f6a21daebe6e

Requested by

Host: fo-static.omnitagjs.com
URL: https://fo-static.omnitagjs.com/ot_multi_template.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

184670d9eaddfdd26ef9d9bf3db2799e0c8b14e75ae3d0d91f40fe0dfe42a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 20:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
content-length: 752
expires: 0

GET
H2 204 adyoulike
s.seedtag.com/cs/cookiesync/ 0
281 B 87ms
41ms Image
text/plain 35.244.182.124
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 124.182.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:20 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

GET
H2 200 /
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/ 0
99 B 353ms
90ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=1&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24620

GET
H2 200 cksync.php
contextual.media.net/ 44 B
291 B 376ms
276ms Image
image/gif 184.51.8.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-8-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Wed, 07 Sep 2022 20:54:20 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 44
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 20:54:20 GMT

GET
H2 200 sync
matching.ivitrack.com/ 42 B
274 B 175ms
25ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=ayl&uid=000000000000000000000000b00b1337
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.expressio.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 20:54:19 GMT
via: 1.1 google
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.expressio.fr/	1970-01-20 14:35:20	Name: expressiosession Value: usr14ekfvbi2qqols5nrj3sfulc4peaa
.expressio.fr/	1970-01-20 15:25:44	Name: _ga Value: GA1.2.1367390835.1662584057
.expressio.fr/	1970-01-20 05:51:10	Name: _gid Value: GA1.2.2146581236.1662584057
.expressio.fr/	1970-01-20 05:49:44	Name: _gat Value: 1
.expressio.fr/	1970-01-20 15:11:20	Name: __gads Value: ID=628f2dd5071e1585-22e9027517ce00a8:T=1662584057:S=ALNI_MaLw7khVl5P0OsnIz1Aq2pUnRg8ZA
.doubleclick.net/	1970-01-20 15:11:20	Name: IDE Value: AHWqTUnwCgVeNjrTrESPldOfHAQWgrtNfEji6pT38Uffq4U-F1Gqrp0_0MBmH6Qgi_o
.casalemedia.com/	1970-01-20 07:59:20	Name: CMPS Value: 5127
.adnxs.com/	1970-01-20 07:59:20	Name: uuid2 Value: 607441290412987409
.adnxs.com/	1970-01-20 07:59:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlbsvnBl!]tbPl1M>e)ZlrFUfJ+tGXxoe@P)SkP<DyJb8cW:M)zlO<Uv6[X^VgZ0WxG$bpRzqF1`b`IUA6%b
.casalemedia.com/	1970-01-20 14:35:20	Name: CMID Value: YxkE.qh60bExKAjZWfFUfAAA
.casalemedia.com/	1970-01-20 07:59:20	Name: CMPRO Value: 5127
.casalemedia.com/	1970-01-20 07:59:20	Name: CMTS Value: 5160

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://z.moatads.com/essencedigitalemeav2553596143685/moatad.js(Line 138) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	error	URL: https://af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Message: Refused to execute script from 'https://tag.researchnow.com/t/beacon?pr=287236&adn=3&ca=28124059&si=6036527&pl=341388406&cr=174256096&did=ADID&ord=3527843853&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
af2f32246aa3db397d0e63c992979323.safeframe.googlesyndication.com
cdn.reverso.net
cm.g.doubleclick.net
contextual.media.net
dsum-sec.casalemedia.com
essencedigitalemea2015301593033067.s.moatpixel.com
fo-api.omnitagjs.com
fo-ssp.omnitagjs.com
fo-static.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
matching.ivitrack.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
s.seedtag.com
s0.2mdn.net
securepubads.g.doubleclick.net
sync.taboola.com
tag.researchnow.com
tpc.googlesyndication.com
tracking.omnitagjs.com
www.expressio.fr
www.google-analytics.com
www.google.com
www.googletagservices.com
z.moatads.com
104.18.18.126
141.226.228.48
142.250.185.98
172.217.16.194
18.168.116.16
18.66.15.103
184.51.8.30
185.255.84.151
185.255.84.153
185.89.211.84
23.35.229.151
23.35.237.151
23.48.23.37
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:800::2004
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
34.117.157.22
35.244.182.124
54.220.177.224
54.36.69.212
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4cf85357351fa2f59db735e7b56956ed364c7bc0ef5577ca17d20de02ca60d
10c316905afe0bef37b5611cec97d4682a4e4e3536aa5d0d514e089bb3c9b711
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1406f66685143fe45c25494cfc49af12b57d55848807820461674e2acc50b83c
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
184670d9eaddfdd26ef9d9bf3db2799e0c8b14e75ae3d0d91f40fe0dfe42a3ba
19d89e04f1ba89f51734d0127e629b67ac779b278445f88ddf00ed7fa0248d62
218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a
21bd6a4cf4d95cb4ac2c2fc98b6c9faa525f0ba66a3b39d9a65fdc08f95676d0
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
27291f6719400a002648994083a2996b3d0483f65c131ccafec799f9860b6e7e
296c3299aca992541615899c9d9f3e515f734a6ee555559e0a2f2e392d5fb88c
3238e65085b7cd35a441edd458a137b93aac3fce322c0718201f265786c414eb
432300c708d5de8f46ddbe2b0192c01626ad91dde1378cf82d85a1e4122b9277
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
675aef39398e55ee5a834bbc25e5d3105efb02c5f6e35d8bd4235a3f4be10ad7
6c9300d39f1ea7564dc6edcc06186dcca348d2c9284e3d3e55523b4f5ceecf75
70d7bbb89036c3533dfb2f7ba308868155d263c24b6130f00c69bd4142757794
77ddfb6c805a0e65877410155946465bfc67ab625e4e6eba9cc5c62e3c659d33
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
83c28e7be7ccd2213ab3450da365d022ca6cf1dcf2b0bce1d473a7688a7bb6a5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1bd3ff92cff335e4fdf33f9f5920cebd56c33543636c50b16258a7e9384354
8b37d784bfbdc65842134522264786c58e7072e16e7d99966479989e29344eea
8f84c4ced509262009163e45994b45ed7ee9d4dbac88674be5f2db5c9e5be38e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9c1a1564da5e4ba5ec32324b76ae52243392c79d8f9f756aef4e440ac1fb93d6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a12a7412263953546b69bfae725d85947486bf68b9823f6db1a77951623f2426
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
afefb815aa49f48e9aebf0e0fa1619876176b72732d5e5acfe4e6531d2c96f9e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4369c19844a62c90e4fa8b557f2a51e2b19b80c49890b7b3839c9b49679ff6c
b59e43d94cd32f684f5b13526d0d110752105600cd936e277257dcacbb75de83
b91d1199107c3d6a9a0495b2f8174c7d117ca42ecbdd25540b7e4c814ccf0a5f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1298521da7c18ba85a26ac1bd3528e4b93a934183a5685aeae2b35a674cc67b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d252650548ab4da37085c132e675a172fcd65c2bb80c176c1a392226b7ef4529
d3c8ad1a69487f93b4ccdbfcf65e1916894bc5005dd504439c6a0e6d97677c21
de7a94153040ce543be46f9eff988b75af4254f9dfaa4ef09b6f9c016362f67a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6619b0b265ee49780e71c23c37d21ff4551fd157983dcf46921cff9f1e784c5
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
edb5daf130a35d6c9323bb6c4c5487d74f05b8e36fded2965c2c25ee56d71de7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef549d4f64eff079682d21179b21640f4f902f34489c385e544f7f64b8a87c6e
f3d77c678e6b1fc09529a3fbc4e5be6c349aa4bae941d291e80bd07dff4254a2
fa2365ffa92d4761037b4583636d1e9485ff9a4ffaa284a6323a4307307af4e3

www.expressio.fr Open in urlscan Pro 54.36.69.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

96 %HTTPS

45 %IPv6

21 Domains

33 Subdomains

32 IPs

8 Countries

1345 kBTransfer

3262 kBSize

12 Cookies

65 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.expressio.fr Open in urlscan Pro
54.36.69.212 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

96 %
HTTPS

45 %
IPv6

21
Domains

33
Subdomains

32
IPs

8
Countries

1345 kB
Transfer

3262 kB
Size

12
Cookies

91 HTTP transactions
1 data transactions