positivr.fr Open in urlscan Pro
2606:4700:20::ac43:491d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen90.com/s2t/c/5/f18dQhb0S7kF8cFzVTW5nD3nR2zGCwVN8Jbw_8QsRtKVnx1FK2BpKfMW16gGzh6F_CFw101?te=W3R5hFj4cm2zw...
Effective URL:
https://positivr.fr/
Submission: On February 16 via manual (February 16th 2021, 3:42:59 pm UTC) from GB

Summary HTTP 184 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 57 domains to perform 184 HTTP transactions. The main IP is 2606:4700:20::ac43:491d, located in United States and belongs to CLOUDFLARENET, US. The main domain is positivr.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2020. Valid for: a year.

This is the only time positivr.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:1cfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	2606:4700:20:... 2606:4700:20::ac43:491d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:20:... 2606:4700:20::681a:c23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	51.158.28.83 51.158.28.83	12876 (Online SAS) (Online SAS)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2.17.177.117 2.17.177.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3034::6815:3a9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.51.89.7 52.51.89.7	16509 (AMAZON-02) (AMAZON-02)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 7	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
1	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.185.226.146 18.185.226.146	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	52.58.180.255 52.58.180.255	16509 (AMAZON-02) (AMAZON-02)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	51.159.25.4 51.159.25.4	12876 (Online SAS) (Online SAS)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
16	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1 6	18.157.239.120 18.157.239.120	16509 (AMAZON-02) (AMAZON-02)
4	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
3 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6 9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
3 5	54.72.52.19 54.72.52.19	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	154.57.158.51 154.57.158.51	26558 (FREEWHEEL) (FREEWHEEL)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b001:d120:1359:acbb:2de6	16509 (AMAZON-02) (AMAZON-02)
2 2	34.249.128.36 34.249.128.36	16509 (AMAZON-02) (AMAZON-02)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.106 89.163.159.106	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.11.29.5 3.11.29.5	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	52.17.12.92 52.17.12.92	16509 (AMAZON-02) (AMAZON-02)
1	94.130.216.200 94.130.216.200	24940 (HETZNER-AS) (HETZNER-AS)
3 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.165.137.101 54.165.137.101	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
1 1	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.181.119 34.102.181.119	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
1 1	64.74.236.95 64.74.236.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 7	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
184	60

1 2606:4700::6812:1cfb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen90.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eventtracking.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:20::ac43:491d (United States)

ASN13335 (CLOUDFLARENET, US)

positivr.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:c23 (United States)

ASN13335 (CLOUDFLARENET, US)

www.flashb.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu

choices.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.177.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-177-117.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3a9d (United States)

ASN13335 (CLOUDFLARENET, US)

www.flashbid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.89.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-89-7.eu-west-1.compute.amazonaws.com

dsp.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.226.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-226-146.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.180.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-180-255.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.159.25.4 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-159-25-4.lb.fr-par.scw.cloud

tn.flashb.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.157.239.120 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ec-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.72.52.19 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
PTR: amsadvip2.fwmrm.net

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.128.36 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Erba, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.106 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.29.5 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.12.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-12-92.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.216.200 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm023.richaudience.com

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.137.101 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.150.214 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.181.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)

im.thenewco.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.13 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.95 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.208 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	positivr.fr positivr.fr	802 KB
20	flashb.id www.flashb.id tn.flashb.id	325 KB
16	zeotap.com spl.zeotap.com mwzeom.zeotap.com	6 KB
15	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	34 KB
12	doubleclick.net 9 redirects cm.g.doubleclick.net	4 KB
10	rubiconproject.com 3 redirects fastlane.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	16 KB
8	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com	21 KB
7	3lift.com 1 redirects tlx.3lift.com eb2.3lift.com	3 KB
7	gstatic.com fonts.gstatic.com	95 KB
6	yahoo.com 4 redirects c2shb.ssp.yahoo.com cms.analytics.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	20 KB
5	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	2 KB
4	everesttech.net 3 redirects sync-tm.everesttech.net	1 KB
4	sascdn.com ec-ns.sascdn.com	13 KB
3	mathtag.com 3 redirects pixel.mathtag.com sync.mathtag.com	2 KB
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	942 B
3	adform.net 2 redirects dmp.adform.net c1.adform.net	1011 B
3	tapad.com 2 redirects pixel.tapad.com	1 KB
3	criteo.com gum.criteo.com Failed bidder.criteo.com dis.criteo.com	617 B
3	googleapis.com fonts.googleapis.com	2 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	994 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	844 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	792 B
2	criteo.net static.criteo.net	51 KB
2	smartadserver.com prg.smartadserver.com csync.smartadserver.com	3 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	1 KB
2	onetag-sys.com onetag-sys.com	1 KB
2	consentframework.com choices.consentframework.com	174 KB
1	rlcdn.com id.rlcdn.com	66 B
1	simpli.fi um.simpli.fi	609 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	447 B
1	thenewco.id im.thenewco.id	180 B
1	bluekai.com 1 redirects tags.bluekai.com	346 B
1	richaudience.com sync.richaudience.com	524 B
1	mookie1.com odr.mookie1.com	608 B
1	agkn.com 1 redirects aa.agkn.com	381 B
1	crwdcntrl.net bcp.crwdcntrl.net	244 B
1	theadex.com dmp.theadex.com	377 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	596 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	exelator.com loadeu.exelator.com	324 B
1	fwmrm.net dmp.v.fwmrm.net	361 B
1	taboola.com trc.taboola.com	163 B
1	indexww.com js-sec.indexww.com	1 KB
1	360yield.com ice.360yield.com	512 B
1	omnitagjs.com hb-api.omnitagjs.com	829 B
1	teads.tv a.teads.tv	295 B
1	adotmob.com dsp.adotmob.com	344 B
1	casalemedia.com htlb.casalemedia.com	682 B
1	flashbid.io www.flashbid.io	828 B
1	chimpstatic.com chimpstatic.com	1 KB
1	hubspot.com 1 redirects eventtracking.hubspot.com	942 B
1	sidekickopen90.com 1 redirects t.sidekickopen90.com	514 B
184	57

	Domain	Requested by
52	positivr.fr	positivr.fr
13	mwzeom.zeotap.com	ads.pubmatic.com
12	cm.g.doubleclick.net	9 redirects eb2.3lift.com
11	tn.flashb.id	www.flashb.id
9	www.flashb.id	positivr.fr www.flashb.id
7	ib.adnxs.com	2 redirects www.flashb.id spl.zeotap.com eb2.3lift.com acdn.adnxs.com
7	fonts.gstatic.com	fonts.googleapis.com
6	eb2.3lift.com	1 redirects www.flashb.id eb2.3lift.com
5	match.adsrvr.org	3 redirects eb2.3lift.com
4	pixel.rubiconproject.com
4	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
4	sync-tm.everesttech.net	3 redirects
4	ec-ns.sascdn.com	csync.smartadserver.com
3	token.rubiconproject.com	3 redirects
3	simage2.pubmatic.com	ads.pubmatic.com
3	pixel.tapad.com	2 redirects spl.zeotap.com
3	spl.zeotap.com	www.flashb.id spl.zeotap.com
3	fonts.googleapis.com	positivr.fr
2	sync.mathtag.com	2 redirects
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	eus.rubiconproject.com	www.flashb.id eus.rubiconproject.com
2	ads.pubmatic.com	www.flashb.id ads.pubmatic.com
2	static.criteo.net	www.flashb.id static.criteo.net
2	c2shb.ssp.yahoo.com	www.flashb.id
2	ads.us.e-planning.net	1 redirects
2	onetag-sys.com	www.flashb.id
2	choices.consentframework.com	positivr.fr
1	simage4.pubmatic.com	ads.pubmatic.com
1	id.rlcdn.com
1	image4.pubmatic.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	im.thenewco.id	spl.zeotap.com
1	tags.bluekai.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	spl.zeotap.com
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	acdn.adnxs.com	www.flashb.id
1	js-sec.indexww.com	www.flashb.id
1	csync.smartadserver.com	www.flashb.id
1	bidder.criteo.com	www.flashb.id
1	ice.360yield.com	www.flashb.id
1	hb-api.omnitagjs.com	www.flashb.id
1	tlx.3lift.com	www.flashb.id
1	fastlane.rubiconproject.com	www.flashb.id
1	prg.smartadserver.com	www.flashb.id
1	a.teads.tv	www.flashb.id
1	hbopenbid.pubmatic.com	www.flashb.id
1	dsp.adotmob.com	www.flashb.id
1	htlb.casalemedia.com	www.flashb.id
1	gum.criteo.com	www.flashb.id static.criteo.net
1	www.flashbid.io	www.flashb.id
1	chimpstatic.com	positivr.fr
1	eventtracking.hubspot.com	1 redirects
1	t.sidekickopen90.com	1 redirects
184	81

This site contains links to these domains. Also see Links.

Domain
www.positivr.tv
podcasts.podinstall.com
pro.positivr.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.pinterest.fr
twitter.com
www.youtube.com
eco-sapiens.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
choices.consentframework.com R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-01-11` - `2022-01-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adotmob.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
teads.tv R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-11` - `2021-08-03`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
tn.flashb.id R3	`2020-12-27` - `2021-03-27`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2020-05-08` - `2022-05-25`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-20`	2 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
im.thenewco.id GTS CA 1D2	`2021-02-06` - `2021-05-07`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://positivr.fr/
Frame ID: B1A645E419DC98FDB692DBD4BA172490
Requests: 109 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=positivr.fr
Frame ID: 0E9EA050D29742B5DD867276A734F16E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
Frame ID: FB9122A59634F7BE30EAC714823C3EB6
Requests: 5 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 82F18B43BFE1FDF52B1232C0511C31A9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1613490161960
Frame ID: 4C6353E36FE72D0E6035121B0572718C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BE48B0E5F24CA189410FB9493B3681A3
Requests: 15 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&cmp=0
Frame ID: 1FCFC2F6D5E3DD92509C6A7409CB93EE
Requests: 31 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BDAA634EB6210C18EB274F16F1FD1640
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2449ACBA2AA517B83E9610557348035F
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8836065B821940CCBF80599E5FA26AEA
Requests: 11 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 00387B93B930559118C5DA51AC4504E0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1672028989653979540
Frame ID: 2D7409FCD1684AB9DF3323EBFA385F45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.sidekickopen90.com/s2t/c/5/f18dQhb0S7kF8cFzVTW5nD3nR2zGCwVN8Jbw_8QsRtKVnx1FK2BpKfMW16gGzh6F_CFw... HTTP 301
https://eventtracking.hubspot.com/s2t/c/5/f18dQhb0S7kF8cFzVTW5nD3nR2zGCwVN8Jbw_8QsRtKVnx1FK2BpKfMW16gGzh6F_CFw... HTTP 307
https://positivr.fr/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

184
Requests

99 %
HTTPS

19 %
IPv6

57
Domains

81
Subdomains

60
IPs

9
Countries

1575 kB
Transfer

4731 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.positivr.tv/FR/home?utm_source=positivr&utm_medium=partenariat&utm_campaign=20210201positivrboutoncta&utm_content=site_cta&ctm_country=fr&ctm_bu=b2c&ctm_adchannel=im
Title: Les docus sur POSITIVR.tv

Search URL Search Domain Scan URL

URL: https://podcasts.podinstall.com/positivr-positivr/
Title: Podcast

Search URL Search Domain Scan URL

URL: https://pro.positivr.com/
Title: Annonceurs – Site Pro

Search URL Search Domain Scan URL

URL: https://www.facebook.com/positivr.fr
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/positivr/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/positivr-in/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.pinterest.fr/positivr/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/thepositivr
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/thepositivr
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.positivr.tv/FR/home?utm_source=positivr&utm_medium=partenariat&utm_campaign=20210201positivrmenucta&utm_content=site_cta&ctm_country=fr&ctm_bu=b2c&ctm_adchannel=im
Title: Les docus sur POSITIVR.TV

Search URL Search Domain Scan URL

URL: https://eco-sapiens.com/
Title: Shop Eco-Sapiens

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen90.com/s2t/c/5/f18dQhb0S7kF8cFzVTW5nD3nR2zGCwVN8Jbw_8QsRtKVnx1FK2BpKfMW16gGzh6F_CFw101?te=W3R5hFj4cm2zwW45SBbN4fJgF6f1JyNC304&si=8000000006292576&pi=97e3d37ea9e90cce51661cbfae1ac145 HTTP 301
https://eventtracking.hubspot.com/s2t/c/5/f18dQhb0S7kF8cFzVTW5nD3nR2zGCwVN8Jbw_8QsRtKVnx1FK2BpKfMW16gGzh6F_CFw101?te=W3R5hFj4cm2zwW45SBbN4fJgF6f1JyNC304&si=8000000006292576&pi=97e3d37ea9e90cce51661cbfae1ac145 HTTP 307
https://positivr.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://ads.us.e-planning.net/hb/1/2e111/1/positivr.fr/ROS?rnd=0.9834817867078252&e=300x250_0%3A300x250%2C300x600%2C160x600%2C336x280%2C120x600&ur=https%3A%2F%2Fpositivr.fr%2F&r=pbjs&pbv=4.23.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpositivr.fr%2F&gdpr=0&gdprcs=null HTTP 302
https://ads.us.e-planning.net/hb/1/2e111/1/positivr.fr/ROS?ct=1&rnd=0.9834817867078252&e=300x250_0%3A300x250%2C300x600%2C160x600%2C336x280%2C120x600&ur=https%3A%2F%2Fpositivr.fr%2F&r=pbjs&pbv=4.23.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpositivr.fr%2F&gdpr=0&gdprcs=null

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEERjaZWIhzL3Y1u7SqYpxFA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 124

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=9e64465b-706d-11eb-b056-0eb794dee0a0&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 126

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f3df6e8e-5f4d-41fa-9182-22eb433e19c6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 130

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f7ee69cf-a9db-4073-8e9c-8a5bc68aca50&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 131

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=67c34717-5f30-409c-5925-406272dc269e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=67c34717-5f30-409c-5925-406272dc269e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=32155107856202633300289697687152857055&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 133

https://bn01.er.bemail.it/zeotap.php?_bid=67c34717-5f30-409c-5925-406272dc269e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021021616-60843-0.518902001613490168-0b7f13790e7c57371857b08b118fd68f&zdid=533&env=mWeb

Request Chain 134

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6929887499708266638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 136

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=67c34717-5f30-409c-5925-406272dc269e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=67c34717-5f30-409c-5925-406272dc269e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361&bounce=1&random=4024040110 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=APlfs5GXSQivJboq4ifwQO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 139

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-ShoERbh1lw3G9oT0W9xaZN3UMLANV.W8FQ--&zpartnerid=570&env=mWeb

Request Chain 140

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRUwFYZVCEOutt6WPBptJEsN%2BS41iYitP1U%3D

Request Chain 144

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361&_test=YCvn_AAAAFW2Tyzr

Request Chain 145

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=8066602b-e7f7-4e00-9650-cec0b312017f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 146

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Request Chain 147

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&dcc=t

Request Chain 148

https://tags.bluekai.com/site/87734?id=67c34717-5f30-409c-5925-406272dc269e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPy7gPAwJsbpaTV8Mq1yobw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 153

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE4MDU1MTU0Mjg0NDU5NjI4Mw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE4MDU1MTU0Mjg0NDU5NjI4Mw%3D%3D&google_tc=

Request Chain 155

https://pr-bh.ybp.yahoo.com/sync/triplelift/8180551542844596283?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-I8n3NsZ1lwPuyJi.NOM_pjlC2wNP2Mfj3fA4bPtXSQ--&dongle=0883

Request Chain 156

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=234656609155593471&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 157

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8180551542844596283 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8180551542844596283&dcc=t

Request Chain 158

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 165

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1672028989653979540

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vSn7yJuCTuqszeRozYHs8g%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 168

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 169

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&addseg=31

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkQyOUZCQzgtOUI4Mi00RUVBLUFDQ0QtRTQ2OENEODFFQ0Yy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFE7DfurDtXBguxBi5fegzE&google_cver=1

Request Chain 173

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f3df6e8e-5f4d-41fa-9182-22eb433e19c6

Request Chain 174

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002843518679847438

Request Chain 175

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:997b602b-e7f8-4f00-8b2f-d94bb0b7e000&gdpr=0&gdpr_consent=

Request Chain 176

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=234656609155593471&gdpr=0&gdpr_consent=

Request Chain 177

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fySVcA11l2JIfLzlSGjmwvlrQYjKWZo-&gdpr=0&gdpr_consent=

Request Chain 179

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8066602b-e7f7-4e00-9650-cec0b312017f

Request Chain 180

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQxNmVjNDhmNWExNWIxM2IxZDg0YTgwYzQ0YzM1YjAwNTNhNmNhOA

Request Chain 182

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Nyz8oFjtdkoxG_ZUUy971Q?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2344376075051626712

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBRw30CNBpT2fHqXMiVDlaU&google_cver=1

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YCvn_AAAAGn1kSrK HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YCvn_AAAAGn1kSrK&_test=YCvn_AAAAGn1kSrK

Request Chain 185

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w4NkRTVzYtQS1BMENY

184 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
positivr.fr/
Redirect Chain

https://t.sidekickopen90.com/s2t/c/5/f18dQhb0S7kF8cFzVTW5nD3nR2zGCwVN8Jbw_8QsRtKVnx1FK2BpKfMW16gGzh6F_CFw101?te=W3R5hFj4cm2zwW45SBbN4fJgF6f1JyNC304&si=8000000006292576&pi=97e3d37ea9e90cce51661cbfae...
https://eventtracking.hubspot.com/s2t/c/5/f18dQhb0S7kF8cFzVTW5nD3nR2zGCwVN8Jbw_8QsRtKVnx1FK2BpKfMW16gGzh6F_CFw101?te=W3R5hFj4cm2zwW45SBbN4fJgF6f1JyNC304&si=8000000006292576&pi=97e3d37ea9e90cce51661...
https://positivr.fr/

435 KB
42 KB

85ms
53ms

Document
text/html

2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661b90b03b4a346df9e0dd19b1c4847c65accf7f3e86c0373d802dcaec38e29a

Request headers

:method: GET
:authority: positivr.fr
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dee1b785a9db4763b8744b344894a83931613490155; expires=Thu, 18-Mar-21 15:42:35 GMT; path=/; domain=.positivr.fr; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding,User-Agent
last-modified: Tue, 16 Feb 2021 14:46:54 GMT
cache-control: max-age=0
expires: Tue, 16 Feb 2021 15:42:35 GMT
cf-cache-status: DYNAMIC
cf-request-id: 084d1b093300001edeb99ff000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=408wZLXvFaFQ0xLiOpC40AWqs6eui9ALYdhEBbJ9pSmjb9qbdPAsJ6BBymrk6A1WO2R%2F1DZjPiu2ZFT7UUkWZgZKtb3bz%2F0hxooFeKN%2B6cVmrhkU1%2FlaQg%3D%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62286121e95e1ede-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-type: text/html
set-cookie: __cfduid=d85b62697dd5afba7be6e5980ca4ddc6e1613490155; expires=Thu, 18-Mar-21 15:42:35 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax _hetc=9adfde41-6f1a-4464-a059-9699adf4bb3a|1613490155737|ACOD57cwLAIUZWVmQ2s/MLKqyX8NaRqEftmk5K4CFFIzPHiFCaaricJ+9GhMCMrC7p0g;Version=1;Comment=;Domain=eventtracking.hubspot.com;Path=/;Max-Age=31536000
x-robots-tag: none
link: <https://positivr.fr/>; rel="canonical"
location: https://positivr.fr/
referrer-policy: no-referrer
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-request-id: 084d1b08970000d6f9510f1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y8ZnHuKrDem5tKkPjW%2FH23gjjHbLhT0DkMeHz%2Buv0WbOOW23J8ugjYIOm8nwWF7awenEYXJgM6TTUKfezIDl3hC0mZmJiMGLsrwPFGlgjNK9PUqIj4Wlp1U%2BOn8giejfa6VdsnjO"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 62286120fa4ad6f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 e2f12b23-e90f-53e6-ac18-b6439e1288be
www.flashb.id/cfg/ 37 KB
8 KB 82ms
27ms Other
application/json 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/cfg/e2f12b23-e90f-53e6-ac18-b6439e1288be

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdbfe91c78cd7d515d6dba4e274f5705f36576c7a2f1c6d39b9edfa072cefe84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Origin: https://positivr.fr
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version: 1.9.32
date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6312
x-cache: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09a40000bdd203816000000001
server: cloudflare
etag: W/"c80339ecb484ea6cbcc052f593148e7525470277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gecnmW7BAM18ShRaqbzzRNNnY%2BaJ%2Fug9QwnvxzlLxbp0mA2%2BB21POq2B4qfE8FKEJfSFSnQqOSq%2FXMUBvgn3LLJBNjj5b5smiOltoGds%2F%2FRbrcnrOKbwO5g1"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 62286122ac69bdd2-AMS
access-control-allow-headers: X-Requested-With, Cache-Control, Expires

GET
H2 200 thrive_flat-26c2a0241d17e06994c826650d2a196d.css
positivr.fr/wp-content/cache/min/1/wp-content/plugins/thrive-leads/tcb/editor/css/ 937 KB
84 KB 39ms
37ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/plugins/thrive-leads/tcb/editor/css/thrive_flat-26c2a0241d17e06994c826650d2a196d.css
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c310e8806bb68b85baf52086f6aebdceca5ba997f4bfb5a0059df8a3c0176a5

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-polished: origSize=962990
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b096f00001ede9c078000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-eb1ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gqUFyBLfl%2FCboWC7nKFe%2BST5LUOXHRsY69zX0NbyXL1YtzZ6yzwo6vsqPOD%2B1P5IRH1j9PXPkOwHKR%2FHT2jdPX479qXTYpuIMxjBnO9nqWp%2Bru5DkeUihg%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861224a441ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 frontend.css
positivr.fr/wp-content/plugins/thrive-leads/editor-layouts/css/ 57 KB
5 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/thrive-leads/editor-layouts/css/frontend.css?ver=2.3.8.1
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85442d6b6bb040b1f8a35a7ffd115ab00e4ac247f7c50e5f66bed3d3f932f2cc

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
cf-polished: origSize=58800
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b096f00001edeafa2c000000001
last-modified: Fri, 12 Feb 2021 14:57:58 GMT
server: cloudflare
etag: W/"60269776-e5b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tGFO9INxGf9GsAH5yA1Y4M7jiBrL5dHpZ%2BYjJgauxqKe%2Fl4hUeWlVTtQiyQCPYyJqgPV0QzFR6Q6zuqtGTy8RX6LSlCh1quXRX1zpm7R7vXZcAast8BqzA%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861224a491ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 mashpv.min.css
positivr.fr/wp-content/plugins/mashshare-pageviews/assets/css/ 776 B
646 B 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/mashshare-pageviews/assets/css/mashpv.min.css?ver=1.1.5
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770ab4d2a03509b6a8277bafd84c2da94917391186a75f2fd3b1d40894b59c37

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b096f00001ede663ad000000001
last-modified: Tue, 24 Nov 2020 13:31:38 GMT
server: cloudflare
etag: W/"5fbd0b3a-308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QWYInffNlfouEbzA5UowbLc%2FGFs9rTWPy%2BnO6sWY%2FXpvYAIATloDFb2Rh6lp1jSSMjKQST45VXbjq4RIxOixs5OXZHfjS%2Be14e9O7syD90kbSkasjbmRnw%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861224a4a1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 mashresp.min.css
positivr.fr/wp-content/plugins/mashshare-responsive/assets/css/ 2 KB
798 B 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/mashshare-responsive/assets/css/mashresp.min.css?ver=2.0.7
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2012339bc122ee8960d4374521eb44cea9bd972d9acbb1b68f91e57ed6f03bbe

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b096f00001edeb182a000000001
last-modified: Tue, 24 Nov 2020 13:31:57 GMT
server: cloudflare
etag: W/"5fbd0b4d-97a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1%2BIFs9UWgtyaQnpKsdJlE7uJD0iQkx9mvAWMaWi8BQIovG%2Fw3al7WMbf88V31pLyHXb1X8ztScZh%2Ft3Qsla%2FMcSaeKK%2FR5O45S5sEV4zA17M6N6xAcSnRw%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861224a4b1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 35ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7959b12fe2fda21b6138ecfbc312bb7b1ed49b5c003a5dd1247a389922a5549d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 15:42:35 GMT
server: ESF
date: Tue, 16 Feb 2021 15:42:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 15:42:35 GMT

GET
H2 200 style-ada6b8245d69d4467e7b762214479f57.css
positivr.fr/wp-content/cache/min/1/wp-content/themes/positivr/ 38 KB
8 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/themes/positivr/style-ada6b8245d69d4467e7b762214479f57.css
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1430bdc185471d9f2a1665d8791a7118560514ea19e5fe1143e38c03c8a179b0

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-polished: origSize=38804
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b096f00001ede45351000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-9794"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=42fXZVu0xM0aoXgBj2uhxmPTGZLlz2AbhcIjQLpxhg7uIKBSzHL2btLSMfl1kYq39biGJvogioCQLdPcOIOdvFOp49V1V0P9Ll31psiCwe%2B1cQWNIi2iPQ%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861224a4d1ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 style-afc45d2f1a38d7388a70df0367de3a20.css
positivr.fr/wp-content/cache/min/1/wp-content/themes/positivr-child/ 3 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/themes/positivr-child/style-afc45d2f1a38d7388a70df0367de3a20.css
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5996a720571610b2c46ce50574818a6d4ab0afc48c9aa77df1ae165d5eeb9539

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-polished: origSize=2891
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b096f00001ede578f3000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-b4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3MyI3RRssoteEWiewBxrVYBqHuagcycM0JZCBsOKT0ltMOwr1QIvuqIeZnF95vTPKXoMWQIcNQFpch1Nuc6nO%2BLN%2BC5mI40EAhaPxP2KTN39nnajuqRA3A%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861224a4e1ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 stub Show response
choices.consentframework.com/js/pa/24035/c/YE8ml/ 1 KB
932 B 109ms
33ms Script
text/javascript 51.158.28.83
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/24035/c/YE8ml/stub

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-83.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

6df8837bf88147877c7aa5e68ae6d208bae73857fcac6a6b40384527ff368ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cache-control: max-age=3600
server: nginx/1.11.3
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8

GET
H2 200 cmp Show response
choices.consentframework.com/js/pa/24035/c/YE8ml/ 633 KB
174 KB 122ms
47ms Script
text/javascript 51.158.28.83
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/24035/c/YE8ml/cmp

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-83.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

20f8ab73b636742c4cc8cc9414972bc1ea613dea0ca9f3552b2efe9f2884a620

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cache-control: private, max-age=3600
server: nginx/1.11.3
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8

GET
H2 200 jquery.min.js Show response
positivr.fr/wp-includes/js/jquery/ 87 KB
30 KB 45ms
45ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b096f00001edeacb32000000001
last-modified: Sat, 12 Dec 2020 09:07:13 GMT
server: cloudflare
etag: W/"5fd48841-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ceFBPCmHDROV0XoMyeItCiDt8IPNe65mx0buG35uMiSwAaW82v%2FTinIvicZPXpIAmSLu9uvru%2BzIPUS6oZ3cPmVUmhAqjHRZ6HNFmiW2BQedjE9TuHp1vA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622861224a4f1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
positivr.fr/wp-includes/js/jquery/ 11 KB
4 KB 41ms
35ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bf00001ede621ba000000001
last-modified: Sat, 12 Dec 2020 09:07:13 GMT
server: cloudflare
etag: W/"5fd48841-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FMQvClTNcDHAXpG1H1AolvkgRneNDbEFroV7ggG%2BGaXQpanRrdkPoJ0WersRpCty%2FRsd4DV8DvuTevU4OZUZNESbccmvedwlsXl4POfClj%2BquCQYWS9RrQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbd41ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 frontend-gtag.min.js Show response
positivr.fr/wp-content/plugins/google-analytics-premium/assets/js/ 9 KB
3 KB 40ms
35ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=7.16.0
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3313350a1de35688f99709c12966d2bc522cbf8be48fd5a140f72550985e12e5

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bc00001ede4d245000000001
last-modified: Thu, 11 Feb 2021 16:04:44 GMT
server: cloudflare
etag: W/"6025559c-2374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3LeCMR8WfxolP%2FfEQaZirURdPc3F6b41VuWrCYspjAOhnRayVfUtOtXvfxQVuRKpzzXAsbJrnG8VgW0ofy%2FQdDC6G7seBv8fDl92cM1m%2BlH5T4r8xhjCNw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbde1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 header.min.js Show response
positivr.fr/wp-content/plugins/thrive-headline-optimizer/frontend/js/ 2 KB
1 KB 41ms
36ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/thrive-headline-optimizer/frontend/js/header.min.js?ver=1.3.6
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a86c63cdcc202d5406a7b576ed936341fb71d9aed6ec6ee6ae21623a41d3d0

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bd00001edeb4170000000001
last-modified: Sat, 26 Dec 2020 14:26:52 GMT
server: cloudflare
etag: W/"5fe7482c-9cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N1OG9hf5g%2BaeIfMRFLMkZnulUjQpPYVVNdMw0uYEVZEsog2axhKcKRcElCASBK%2FW4dYmS8La4poheZpvAInVIhNPQXtFheJoycFiK98s5YBWQe%2Bfd1XbGQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbe11ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 moxie.min.js Show response
positivr.fr/wp-includes/js/plupload/ 86 KB
26 KB 37ms
32ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d844b53c99f2e305290ff770652ff90b796eef0741eafcbbbefc3e30bb2415

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bd00001edeafa3c000000001
last-modified: Thu, 04 Feb 2021 04:04:58 GMT
server: cloudflare
etag: W/"601b726a-15689"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l0Fw85FkXwIeh6J%2FxT5QLXtH4ctFY9QIxMOvDqcjW4Hl1%2FOIW82vr%2BYcAjBn7R8falGJDGwAMuGJO%2BhQZzbSZFeGIUXFDeMsYeVMJWLTlwY4JZCg81dqcw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbe61ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 plupload.min.js Show response
positivr.fr/wp-includes/js/plupload/ 15 KB
6 KB 35ms
30ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09be00001ede7b9be000000001
last-modified: Thu, 04 Feb 2021 04:04:58 GMT
server: cloudflare
etag: W/"601b726a-3cfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SUiQLGNJsYS0ZzaPA4Vz%2Fpwa4OWh9oTrKwK7tLv0AgPXYxchuk0poH4gcfxQ7b39XbEBbjubxOp4R8dPf0ly%2FhvsO7rcn9plZm6TUQht%2BArUS14pVRr1PA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbe71ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 mashga.min.js Show response
positivr.fr/wp-content/plugins/mashshare-google-analytics/assets/js/ 14 KB
2 KB 34ms
28ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/mashshare-google-analytics/assets/js/mashga.min.js?ver=1.0.9
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5840e94efabf1258e36d295ab51c7dde92f30c488100746cfa82d7fbaddb86f

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09be00001edea6ae3000000001
last-modified: Tue, 24 Nov 2020 13:30:56 GMT
server: cloudflare
etag: W/"5fbd0b10-39d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TgZwpjC3aZkTky4MqZIj3ujMOhkwAo0TMlKBt%2BnmRrA36EdG9nngJNmE1rYp7kz1NyZy8OxtIH5T6FyAiVgJiTRKQcq9aj431mGZICi%2FetBilXdkhZk3kQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbe91ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 hbdbrk.js
www.flashb.id/assets/js/ 0
51 KB 87ms
46ms Other
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/hbdbrk.js

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6363
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx639c7535d591434b95e68-00602b96cf
x-amz-id-2: tx639c7535d591434b95e68-00602b96cf
last-modified: Tue, 16 Feb 2021 08:22:41 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:bae8eaaeab46cb65ec2714500bf259cb
etag: W/"bae8eaaeab46cb65ec2714500bf259cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1yX1uCy3vwtCf8seQxuMbPitoT18RNawHc9qNE2qAOKbWmSa6D%2FbUMVoAmJ5hysikPyBv09OHxMOk7mVa2HoDA9M7DvEGfoyyBfXiTX%2FR1L3wUUOj7qHLqyG"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
x-amz-version-id: 1613463761945432
cf-request-id: 084d1b09e30000bd9133287000000001
cf-ray: 62286123083cbd91-AMS

GET
H2 200 hbdbrk.m.js
www.flashb.id/assets/js/ 0
47 KB 74ms
33ms Other
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/hbdbrk.m.js

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6347
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx788a6f08baf04bc995bc7-00602b96d8
x-amz-id-2: tx788a6f08baf04bc995bc7-00602b96d8
last-modified: Tue, 16 Feb 2021 08:22:42 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:fa69c03fd8e60c9d7f253a600f7431d5
etag: W/"fa69c03fd8e60c9d7f253a600f7431d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x6NL0%2BcbBBISAphG8VtJrXv76UgBgdoz%2FyYZe4zgXJznKgY%2B%2FikxmZTMajRyxx3oqhRvfxkE6egfNK4A2lH7e6FjcA986%2BfIFFlYHeDH5oAeDKMJr%2BP9FH7s"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
x-amz-version-id: 1613463762095953
cf-request-id: 084d1b09e10000bd912e860000000001
cf-ray: 62286123083abd91-AMS

GET
H2 200 hbdbrk.m.js Show response
www.flashb.id/assets/js/ 154 KB
46 KB 133ms
84ms Script
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/hbdbrk.m.js

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ab467d7288ba4d1d604c0c1e8ee1012912e6d488c3aeeb39a540d68dc56b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Origin: https://positivr.fr
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6312
cf-ray: 62286122ac6cbdd2-AMS
access-control-allow-methods: GET, HEAD
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx0ae4306b19814233897f3-00602b96df
x-amz-id-2: tx0ae4306b19814233897f3-00602b96df
last-modified: Tue, 16 Feb 2021 08:22:42 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:fa69c03fd8e60c9d7f253a600f7431d5
etag: W/"fa69c03fd8e60c9d7f253a600f7431d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MTNyurjfEI4aehBRSogI5T3chCFAcxj5BEMcOnA5rS4Ad9T%2Fp6zlkYGvLM5L760ewtXBp%2FX5ChikLMAHBkVhLZn8VO2oGek8WtvA0ZQwdbX%2F%2FjPQSunas2pr"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1613463762095953
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-request-id: 084d1b09a80000bdd2a7239000000001
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 dashicons.min-646ddd0bd42cd3e892d2da5fbba59bd0.css
positivr.fr/wp-content/cache/min/1/wp-includes/css/ 58 KB
35 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-includes/css/dashicons.min-646ddd0bd42cd3e892d2da5fbba59bd0.css
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc01b48174eaf9f9733982acb2891053fbb22f16a8c975dacd5466627725c7d

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-polished: origSize=59107
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b098300001ede53a9e000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-e6e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3VHq1%2F23wFNk5SqakgwmqkfP7grnYC2G9fr8wuUQHuRclIoAprQfyK%2BL0KBsH9ufRLzKtNuGGpjNqssXnkKHkDFOg1yK6Qv%2BzkHncfv76X4BcF8BuN%2FK2g%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861226aac1ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 display-structure-96b1753a0d91b47ec1d2c186097ca932.css
positivr.fr/wp-content/cache/min/1/wp-content/plugins/ninja-forms/assets/css/ 17 KB
3 KB 25ms
25ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/plugins/ninja-forms/assets/css/display-structure-96b1753a0d91b47ec1d2c186097ca932.css
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d313809d9e011adbeba0d910908d7231b2a076859ba9dd4b87bff75c292e45

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-polished: origSize=17058
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b098300001eded0143000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-42a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EnS%2F8leQQV0mbrdvmClUci8Tosxd86Yfi%2BPNmL7%2Fe4LvN3CtuZFwOe8T9dh7Hn1DhRmPSSlm5%2FVKX2MP9e7EOWWgLpBkLGeAfyeuRRsBCgK0jlE6B5j0CA%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622861226ab71ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 triggers.min.js Show response
positivr.fr/wp-content/plugins/thrive-headline-optimizer/frontend/js/ 4 KB
2 KB 33ms
28ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/thrive-headline-optimizer/frontend/js/triggers.min.js?ver=1.3.6
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2cdf12510c0fd497d9d39a74f60dc7822572083ae2009e065184a39b1030414

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bf00001ede54078000000001
last-modified: Sat, 26 Dec 2020 14:24:53 GMT
server: cloudflare
etag: W/"5fe747b5-11e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f8r8JV%2B8Srqz0G9eyDFJOlG8zA%2F%2BcgD%2BzAWNcYRJW1uBWpMyDxsiueisvtmWHXAx4DF0FOY6eLPBmoeu9duci4wf4JiSmeb0nE98oIb03S5%2BOX6Zp4Lr0A%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbec1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 imagesloaded.min.js Show response
positivr.fr/wp-includes/js/ 5 KB
2 KB 41ms
36ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c200001edeacb39000000001
last-modified: Fri, 14 Aug 2020 11:41:20 GMT
server: cloudflare
etag: W/"5f367860-15fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yjBy3t5%2FbyY7xAqs%2B9MPkO2h079NKV3ONnKxt99ezGbGeOb1rG8Ook%2BYhgwzLTBWTAn4ZQ4LjZiN0Py9DyYZk%2BFul1jWWjB9u5YqShxG9%2FVl79uD9e%2BBZA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbef1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 masonry.min.js Show response
positivr.fr/wp-includes/js/ 24 KB
7 KB 37ms
33ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bf00001ede95097000000001
last-modified: Fri, 14 Aug 2020 11:41:20 GMT
server: cloudflare
etag: W/"5f367860-5e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J%2B9s2YtL%2FGtb7wtXSm7zX02zTy29JjpNjHilgJoxNeFVzTiR8n6tB1qEidnMvpb%2FGbG2FUKCGL7RiyQjp0CDA8XlbOMj%2Fr4gHDKp%2FiR4XEhnU6swjz4U1g%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbf11ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 jquery.masonry.min.js Show response
positivr.fr/wp-includes/js/jquery/ 2 KB
951 B 29ms
25ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bf00001ede578ff000000001
last-modified: Wed, 09 May 2018 12:47:26 GMT
server: cloudflare
etag: W/"5af2edde-71b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lP50pvT1pYXfBZ5ZaRtjWfff48DM%2BGkpYx%2FoEIautUoczgiXE%2BCpOLvN1e%2FDpxeiYFFlPKUcxrOs3iBbYKwItEhJ%2B4PGqlY7EmjeSS4lj4krHNDptKrYAg%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbf61ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 frontend.min.js Show response
positivr.fr/wp-content/plugins/thrive-leads/tcb/editor/js/dist/ 270 KB
71 KB 49ms
44ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/thrive-leads/tcb/editor/js/dist/frontend.min.js?ver=2.6.6.1
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391906568598e640aaef77123d1c8e2bba422ba7b1e6c109958e11bbd424b255

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bf00001edea0903000000001
last-modified: Fri, 12 Feb 2021 14:57:58 GMT
server: cloudflare
etag: W/"60269776-43712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0n971NQiPtDXxdPCdfs1%2BSjDZF4j%2FOyvfoVRyvA4ipcGCI%2F1Wlfd6npWOu33xpGkUgzx6pd%2Bk9d%2FY6%2F6bgBk%2BRWPXVKZy%2BtYksGaq19n98%2FXr%2FPtkH69Ug%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbf91ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 frontend.min.js Show response
positivr.fr/wp-content/plugins/thrive-leads/js/ 27 KB
7 KB 30ms
26ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/thrive-leads/js/frontend.min.js?ver=2.3.8.1
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61a78780139f4a01ff424666fb8ba410b7af857c2135988b967ec337df0fa175

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09bf00001ede7382e000000001
last-modified: Fri, 12 Feb 2021 14:57:58 GMT
server: cloudflare
etag: W/"60269776-6b06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uq7jPz4NP0fJorwyNbn5KzmZsgL2sMWMdmt9J6LQ56LemtYvc6MdZrDDxPaWIrp5CUYByPdEx3Aso164yYhCE4jjOhCgZBpGG%2FYS%2F3znQ9zmxeQdD%2FI7eg%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cbfd1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 wcs-gifting-0faf7e391590b04286e7f2a71e5216b6.js Show response
positivr.fr/wp-content/cache/min/1/wp-content/plugins/woocommerce-subscriptions-gifting/js/ 2 KB
1 KB 36ms
32ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/plugins/woocommerce-subscriptions-gifting/js/wcs-gifting-0faf7e391590b04286e7f2a71e5216b6.js
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a6c7bbad74e6de457827cd8782584756f342b837af2a1d6dc0c023f3b1dc5dd

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c000001ede53379000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-81d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fdU13yZSwyYE3BckTQL524IgU4LZpQvPuzAw4M7crgzyEvSCMCSSFbTkqLG66WwLQ9xeU1P1MtGvHvqEYcAHhvDp7qBXarMMoK1SItRTMJ1AHi%2Bta%2Bv7LQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc021ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 theme-4c8caf413d987f4b16cfee35aa6c3750.js Show response
positivr.fr/wp-content/cache/min/1/wp-content/themes/positivr/js/ 4 KB
1 KB 39ms
35ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/themes/positivr/js/theme-4c8caf413d987f4b16cfee35aa6c3750.js
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18df49ebba2a4d7413ab60b1fa97ed64344f57289a2b4c4c81142b6a72d7df0f

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c000001ede629fb000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-1114"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nvK5aCQchmBDC2hWqL0JmqelZEHjdcxzwo6nL%2FZ4RIlNqBPwy7X1G9Qbmws3%2BeJDYSOM%2B1t%2FvYCOHHJd74W5xWCIwNkwAFfTwf5XBfXEt184byGOn8rADA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc061ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 frontend.min.js Show response
positivr.fr/wp-content/plugins/thrive-leads/thrive-dashboard/js/dist/ 3 KB
1 KB 37ms
33ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/thrive-leads/thrive-dashboard/js/dist/frontend.min.js?ver=2.3.8
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8d4f55a83aa4e1f884930f204914da68bd3f34cb4a66b8337b032f2ebabafc

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c100001eded014b000000001
last-modified: Fri, 12 Feb 2021 14:57:58 GMT
server: cloudflare
etag: W/"60269776-b69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SMR1SLp3Hk5WXn7lTOqhCSYvqnvXxAIicjv1IyOw974b3o4cmNrk4Psk7hDIYaYgr60pSm496SmLVhvd4i8OzP0Or9B4wENkNW08Lk5eL6YVNQfTkvleHw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc091ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 wp-embed.min.js Show response
positivr.fr/wp-includes/js/ 1 KB
1 KB 37ms
33ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/wp-embed.min.js?ver=6ab746
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c100001ede4535d000000001
last-modified: Thu, 04 Feb 2021 04:04:58 GMT
server: cloudflare
etag: W/"601b726a-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tc36%2BXyIr9Ehaa%2BRMueaKevDVZFsTBlaUGvOjADilxnHdNrpbNFxEOWBA4W6v6sEAxvH3DdNlFARDJle%2BaP9%2FdaSdLzmHguLfMW1rY%2FG%2BCyFjQq64O%2BjLA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc0d1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 underscore.min.js Show response
positivr.fr/wp-includes/js/ 16 KB
6 KB 34ms
30ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c100001ede629fc000000001
last-modified: Thu, 04 Feb 2021 04:04:58 GMT
server: cloudflare
etag: W/"601b726a-3eba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w4%2FNayHIFeE30ygvI2gL0TGLbgudL%2FniHKj9UQ1rD8G2kOBHkFp9bc7IQHzNUFseN3zVQrnlIEPg%2FidlQ9Ve7DQ3ZDkdlNmP%2F4jqpjh48KaJ6z2E770Wqw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc141ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 backbone.min.js Show response
positivr.fr/wp-includes/js/ 23 KB
8 KB 46ms
42ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-includes/js/backbone.min.js?ver=1.4.0
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f9e7a6e11308489179c7ed15c1adc9a3d6f81bdfed8481481bc4998a4880754

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c200001ede4d247000000001
last-modified: Thu, 04 Feb 2021 04:04:58 GMT
server: cloudflare
etag: W/"601b726a-5d14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1sfx%2ByXr8cThYo5J7XvBpyrjOG%2BH%2FD24ufU26G%2BLguLinG560dki4nPiyxe06D0E1eyI5rGP4SITyuWopjIQuq%2F7EpEDnwFUm1kb3ZDViTvG5%2Bj%2BayP1sQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc1a1ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H2 200 front-end-deps-60ca900c50349cc88247ce7227315514.js Show response
positivr.fr/wp-content/cache/min/1/wp-content/plugins/ninja-forms/assets/js/min/ 57 KB
16 KB 44ms
41ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps-60ca900c50349cc88247ce7227315514.js
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba12ce3dadb67a7cdb779bd38352ccf80e7f261ede06f1c2e4b609bc9dcd0fe4

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-polished: origSize=58785
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c200001ede4487e000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-e5a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PRpQTNaUgYf6LR7ruOAt%2B1DBPs1lIzR%2F58fJgLuIqR%2BhV2R3lIIuvLxcJp4thNT9lvycxaGTfAEyNmll7nSSd2Ws3xmRA08TDYkz593sj24OlTDaxspkww%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc1f1ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 front-end-d43f4b59ae0a27c278f1764ac0541902.js Show response
positivr.fr/wp-content/cache/min/1/wp-content/plugins/ninja-forms/assets/js/min/ 111 KB
21 KB 54ms
51ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/cache/min/1/wp-content/plugins/ninja-forms/assets/js/min/front-end-d43f4b59ae0a27c278f1764ac0541902.js
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69983fe272868eb30bbe3dc3631e07ba0b2dd870576acbdac6109ea585f3f1ab

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182805
cf-polished: origSize=114158
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c500001eded014d000000001
last-modified: Sat, 13 Feb 2021 16:09:35 GMT
server: cloudflare
etag: W/"6027f9bf-1bdee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZAVHwiXcAA8ckd%2BYQh0HMzJKy12Us7lGcfwTLBRvZIpQ7UcqKUnZ1pP3jHfdSx%2B3yCWG97eFuQIw3LnuLvBp7BY1JoeHSlNLmJCEBvmavKtEKtfaYtQVJw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc221ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
H2 200 lazyload.min.js Show response
positivr.fr/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 65ms
62ms Script
application/javascript 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182806
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b09c300001edecc38c000000001
last-modified: Sun, 07 Feb 2021 09:54:11 GMT
server: cloudflare
etag: W/"601fb8c3-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HZcx5eQTLSECMpjlJ3Nx0JetbXHzvsQCMHH7aiNUWljCl0n18vaq%2FtdxNAPvXkdOTtrfhqwqwvbHAJ3dc0mzAOcZgMah%2BxNQDCfoCVF6cibmGX5ffzS8oQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62286122cc241ede-AMS
expires: Wed, 24 Feb 2021 12:55:50 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e93f3def3ff300944fb0dd2284ad1c7dc0774639658413d9240fba29c60d5396

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9bd1ae02933b23662d60dd6af40a57450e78d7ff688792fb78cef5c348c93af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e403efa9f01e858f73277bd386a6e5e81ac731542ea07a758a327d15a24295f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c6f59568daa92440b86989c65cd80e534bdb6790431dbf46ed34e6bad60b652

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
14 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://positivr.fr
Referer: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 80474
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 15 Feb 2022 17:21:22 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://positivr.fr
Referer: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 386222
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:34 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v15/ 14 KB
14 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://positivr.fr
Referer: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 18:30:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:01 GMT
server: sffe
age: 594700
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14028
x-xss-protection: 0
expires: Wed, 09 Feb 2022 18:30:56 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v15/ 14 KB
14 KB 41ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://positivr.fr
Referer: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:56:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:11 GMT
server: sffe
age: 441958
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14024
x-xss-protection: 0
expires: Fri, 11 Feb 2022 12:56:38 GMT

GET
H/1.1 200
OK b7884306c41da631836f4d98c.js Show response
chimpstatic.com/mcjs-connected/js/users/08c94e2c539fb1f8f162a79c6/ 2 KB
1 KB 108ms
37ms Script
application/javascript 2.17.177.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/08c94e2c539fb1f8f162a79c6/b7884306c41da631836f4d98c.js
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.17.177.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-177-117.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 15:42:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 08:08:01 GMT
Server: AmazonS3
x-amz-request-id: 1CE1BA2C53B713FB
ETag: "4b60d3ea13c42468679685c32a1680ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=104
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 653
x-amz-id-2: ejsK/zcUspVlS8Jo3eIL6ALCKE5cetc3tnwhhp9Pbqp/PQkj4O92sl5v/mrSck6aEYNmGQ3IE+g=
Expires: Tue, 16 Feb 2021 15:44:20 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 0.60db537c213d9a97fd96.m.js Show response
www.flashb.id/assets/js/inc/ 46 KB
16 KB 39ms
37ms Script
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/inc/0.60db537c213d9a97fd96.m.js

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489e46f8d390cb6fc3664a8a3a7b868926eca7ee069dd831e2e3d9aa633c0225

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6360
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: txaa774f1d90934899ae99f-00602b96d1
x-amz-id-2: txaa774f1d90934899ae99f-00602b96d1
last-modified: Sat, 06 Feb 2021 13:54:32 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:0bcc778597d8e6cc1b6dc7cf0827e89c
etag: W/"0bcc778597d8e6cc1b6dc7cf0827e89c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HJ1ZQAeUzNdgmemcz9CovOVaiQP1GoKEHczBYRqc56dc7J%2B8I2Y2OkonwTD1%2F8zOpx7UAViRm27wDcSfC7zlJTlrTocvth7gc6SPyb4zB0VzD26XRVQftOwm"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: 1612619672147627
cf-request-id: 084d1b0bdf0000bd91412b9000000001
cf-ray: 622861263a1dbd91-AMS

GET
H2 200 1.94442bb8e55d60796f74.m.js Show response
www.flashb.id/assets/js/inc/ 130 KB
32 KB 59ms
58ms Script
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/inc/1.94442bb8e55d60796f74.m.js

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b7818b7faada69962937a8dbd7914a9bb875b1e4e972edaf921f6b2f4f055b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6360
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx30b0a1bd24514ebab0473-00602b96d1
x-amz-id-2: tx30b0a1bd24514ebab0473-00602b96d1
last-modified: Tue, 16 Feb 2021 08:22:41 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:54631b9da952e8e2a9f1f50764d56e4b
etag: W/"54631b9da952e8e2a9f1f50764d56e4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wZUZ3Dc4YAbrcGwEeETz2gP3xD1AOV9YzbIRcgqWvldSbm1rl2nnBXprJDhY9XJFDHPOTJJ0TZQ%2BycUsoyQ8bhqEYWqwJM5YrYzuNaAyAyaE3zm9suNl94l6"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: 1613463761794200
cf-request-id: 084d1b0bdf0000bd9147a36000000001
cf-ray: 622861263a20bd91-AMS

GET
H2 200 2.7746b600663d695d4d5c.m.js Show response
www.flashb.id/assets/js/inc/ 324 KB
97 KB 48ms
47ms Script
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38de9acd2cbc2438a5e2e6fe72992ad52fe38a7c909ed149cd11fe340fd95997

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6360
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx4398b303914b49a697e3a-00602b96d1
x-amz-id-2: tx4398b303914b49a697e3a-00602b96d1
last-modified: Sat, 06 Feb 2021 13:54:32 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5cef4b511cfdd353af4d4255a6f0e876
etag: W/"5cef4b511cfdd353af4d4255a6f0e876"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VN71SRtzMHspQW26p33hoalZD1%2BibDhyjubTytbp39%2FYEA0E9VxkdZkm2r2s9RqOwkiSLRhnEQbi24Ur9kKWWm2DYXHBMB3QEz7%2BkwRhp8Y21AtHtDZbV%2Fp2"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: 1612619672749183
cf-request-id: 084d1b0be10000bd9147a37000000001
cf-ray: 622861263a21bd91-AMS

GET
H2 200 3.8ecab9f2f2d9fb974b23.m.js Show response
www.flashb.id/assets/js/inc/ 2 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/inc/3.8ecab9f2f2d9fb974b23.m.js

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d42ffba5184384286fc72b9e6f2f5822e850be740dccf82da35b512a3d64551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6360
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx8f52c5526f21472ca259e-00602b96d1
x-amz-id-2: tx8f52c5526f21472ca259e-00602b96d1
last-modified: Sat, 06 Feb 2021 13:54:33 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:abb4e2f9caeaccd296cebead7a602b8e
etag: W/"abb4e2f9caeaccd296cebead7a602b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AUrXm%2FXBnpJk%2BY%2FNF7kYcfjb9UeddoBaG7V5x7dGNk%2B8Mi0eZpp9jAQCrLXey5dOi9BrCzSJm4YXPD4pXNN%2FJ9l8znxcnKpdgonPuuenhLmEYH9WXWeIdDBy"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: 1612619673026759
cf-request-id: 084d1b0be00000bd91692a2000000001
cf-ray: 622861263a22bd91-AMS

GET
H2 200 host_1_3_25.js Show response
www.flashb.id/assets/js/ 64 KB
25 KB 28ms
28ms Script
application/javascript 2606:4700:20::681a:c23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashb.id/assets/js/host_1_3_25.js

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e637ec89eb7cdb3dcd1e677146bbc1c6fc930295843d482b1a662193a66e2843

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6362
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: txd37812ca8f33463895365-00602b96d0
x-amz-id-2: txd37812ca8f33463895365-00602b96d0
last-modified: Mon, 15 Feb 2021 16:29:37 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:c4b54efd8a65d2e8e77cafaf6fbc597d
etag: W/"c4b54efd8a65d2e8e77cafaf6fbc597d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IOah8lIWJuHzyhmv0ongJXJ62M5prPIAb2GcFtCQXBDDFn7xEpq8bMunq6JIGs0nhXQ7waD%2FpiqYo78bbybZGjYTU7iomZg6eZ0mg%2BKdKsIX32Bd9hquUmV1"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: 1613406577689612
cf-request-id: 084d1b0be00000bd912c9fa000000001
cf-ray: 622861263a23bd91-AMS

GET
H2 200 e2f12b23-e90f-53e6-ac18-b6439e1288be Show response
www.flashbid.io/geo/ 64 B
828 B 103ms
66ms XHR
application/json 2606:4700:3034::6815:3a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flashbid.io/geo/e2f12b23-e90f-53e6-ac18-b6439e1288be

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3a9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7f7a4af0d22fd17ad3495876b42b8a1966e9b27645e066993e7c5956101ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version: 1.9.32
date: Tue, 16 Feb 2021 15:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: BYPASS
cf-request-id: 084d1b0c0100001f41f932e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mix97qM4PcGv%2FKIwc0PNU8i8rMlFC7jwT84vTWm2ZifYkfzaEvK10sk7SLsnwBurru5eCswWlqgCaZ8j74BZvPwjX52dJbyTj%2BPMK%2Fgxss1hQxUD9K%2BFLjPI4cY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 622861266de81f41-FRA
access-control-allow-headers: X-Requested-With, Cache-Control, Expires

POST
H2 200 admin-ajax.php Show response
positivr.fr/wp-admin/ 26 KB
6 KB 602ms
600ms XHR
application/json 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://positivr.fr/wp-admin/admin-ajax.php

Requested by

Host: positivr.fr
URL: https://positivr.fr/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3030cc7e8df3834904b7236ce159376da554d400b2bf9ebe5aca7a375b00227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://positivr.fr/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache: cache,platform=wordpress
date: Tue, 16 Feb 2021 15:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b0c1800001ede49b66000000001
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lWxOKPT%2FWKPjvB4ASX0%2BD4178ChQ0vdWrbRgtjUwdtwEZTcwoxEdOffAbJouDJuGhjW1GbqFb6A2GuGZkEBiFUgjElHOIZKY567dIQ8XXQp3QzM7r7IqnA%3D%3D"}]}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://positivr.fr
cache-control: no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials: true
cf-ray: 622861268df51ede-AMS
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 positivr-logo-v4-color-200.png
positivr.fr/wp-content/uploads/2019/01/ 5 KB
5 KB 23ms
18ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2019/01/positivr-logo-v4-color-200.png
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b059297e97495d4edf2f0615c73998af1989a4a3ef8811530302086017f0ea19

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182810
cf-polished: origFmt=png, origSize=10097
content-disposition: inline; filename="positivr-logo-v4-color-200.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4920
cf-request-id: 084d1b0c4400001ede540cc000000001
last-modified: Fri, 25 Jan 2019 16:08:28 GMT
server: cloudflare
etag: "5c4b347c-2771"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tIV6jOLm21addk0VdNEdLkZqY1A8rzqGePJQ7NvDG4RNzCIqakG%2BluNHy4eCgazfmCqd3xcQK%2BLr52bSXCSkiuwO%2Bo2y8zPIkFAgUPWvNUeZ8WR5mH6Klw%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 12:55:46 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126decb1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 Copie-de-Copie-de-POSITIVR-Une-5-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 19 KB
20 KB 23ms
19ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/Copie-de-Copie-de-POSITIVR-Une-5-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8e37db8dd8b420d68c43ad5c83cdab3645331dccfaa73ddf28415dca7c0f7cc

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 28378
cf-polished: origSize=19836, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19803
cf-request-id: 084d1b0c4500001ede8e35f000000001
last-modified: Thu, 11 Feb 2021 10:36:58 GMT
server: cloudflare
etag: "602508ca-4d7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8U1VY6kQvU0kycqrNaioDFSSeS1JJ3u%2FhQFM6Ljeq8PstKTnlrSgfFu%2BTE3zoW2KEOcGn9Ae7PRqTS1g3OIZpplaIR%2FDd4P19g8lGnv0XIzkYGbr84wkmA%3D%3D"}]}
content-type: image/jpeg
expires: Fri, 26 Feb 2021 07:49:38 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126decd1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 audrey-pulvar-pedocriminalite-fille-d-un-monstre-une-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 25 KB
25 KB 40ms
36ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/audrey-pulvar-pedocriminalite-fille-d-un-monstre-une-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5365337fc750c74a6c38295cb2beeec715a147c5331221c5d278270a0212e8

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 101539
cf-polished: origSize=25497, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25464
cf-request-id: 084d1b0c4500001edea30ba000000001
last-modified: Mon, 15 Feb 2021 11:24:27 GMT
server: cloudflare
etag: "602a59eb-6399"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X57FtF2B64nRIR7FDFDOoHyNHO03sUiDxP%2BfQ0CC74gB40vhoR%2FFLtJ6kG52U50E6NC7ba4nRvolijLFO%2Fl7%2B8f5fNAdxmOBPL%2Fc%2Fu4A0vnY3imb%2BRkLog%3D%3D"}]}
content-type: image/jpeg
expires: Thu, 25 Feb 2021 11:30:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126dece1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 saint-malo-sous-la-neige-vue-du-ciel-drone-une-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 62 KB
63 KB 26ms
22ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/saint-malo-sous-la-neige-vue-du-ciel-drone-une-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009895283ea6c64f4a0eaace2cf206538a6f141503896b25fcb2d5cc666fc047

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 114130
cf-polished: origSize=63507, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63474
cf-request-id: 084d1b0c4500001ede6309c000000001
last-modified: Mon, 15 Feb 2021 07:49:34 GMT
server: cloudflare
etag: "602a278e-f813"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1rZ5YFW7FOsRK3rEcb2SOYCU0%2BKSDzvduEjVjO7N0QWVOzcqn6TDkQqRgFrK9NkkmoDttHmsjeBDmqPEQvLAjv%2FgRxDgRg0c2OdZigfgosJv4KKG5XQOaA%3D%3D"}]}
content-type: image/jpeg
expires: Thu, 25 Feb 2021 08:00:26 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126decf1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 piege-a-frelons-asiatiques-invention-vigivelutina-une-2-125x66.jpg
positivr.fr/wp-content/uploads/2021/02/ 3 KB
3 KB 25ms
21ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/piege-a-frelons-asiatiques-invention-vigivelutina-une-2-125x66.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e9d313005eebc0f887cb620c64520c982adfa4418d432c5fbc81bcca8c81cbe

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 115321
cf-polished: qual=85, origFmt=jpeg, origSize=2732
content-disposition: inline; filename="piege-a-frelons-asiatiques-invention-vigivelutina-une-2-125x66.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2690
cf-request-id: 084d1b0c4600001ede43920000000001
last-modified: Mon, 15 Feb 2021 07:15:07 GMT
server: cloudflare
etag: "602a1f7b-aac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X2zyYVsiQO%2BDhiAGX0UOfWDcxrlYU1%2BamLRwR540%2Bc9lbki%2BvOsltCSczyi3uFQjcwULnaT0o6LglLY%2F7r8zW9JNoVx1meTYRevOdcZqUMyHSh11FOyrsA%3D%3D"}]}
content-type: image/webp
expires: Thu, 25 Feb 2021 07:40:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ded01ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 precarite-menstruelle-etudiants-interview-une-125x66.jpeg
positivr.fr/wp-content/uploads/2021/02/ 2 KB
2 KB 39ms
35ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/precarite-menstruelle-etudiants-interview-une-125x66.jpeg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca917889b8ace24b01fa656053fa899520310d3d979a2d2900076a5454395cc

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182444
cf-polished: qual=85, origFmt=jpeg, origSize=2239
content-disposition: inline; filename="precarite-menstruelle-etudiants-interview-une-125x66.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1922
cf-request-id: 084d1b0c4600001ede9c0af000000001
last-modified: Sat, 13 Feb 2021 10:01:26 GMT
server: cloudflare
etag: "6027a376-8bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aUUw0O6QKwHHPNdkVr9UChneVAnCwCZJUpzSg0STPQPpZXvmWeKUhpEOugFRNhb26Jbq2pQs1GGiNDKY2XR9NvkXQyzs632LVth75Eu2zUtGRjyJQTG8Gg%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 13:01:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ded11ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 je-nai-pas-lintention-de-la-fermer-pomme-temoigne-du-harcelement-dans-lindustrie-musicale-une-125x66.jpg
positivr.fr/wp-content/uploads/2021/02/ 2 KB
2 KB 23ms
19ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/je-nai-pas-lintention-de-la-fermer-pomme-temoigne-du-harcelement-dans-lindustrie-musicale-une-125x66.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5553401351eb4dadb2ae7bf9c83da068fe1401545237d2334d51bc1adfb4f45

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 180593
cf-polished: qual=85, origFmt=jpeg, origSize=2162
content-disposition: inline; filename="je-nai-pas-lintention-de-la-fermer-pomme-temoigne-du-harcelement-dans-lindustrie-musicale-une-125x66.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1790
cf-request-id: 084d1b0c4600001ede49b6d000000001
last-modified: Fri, 12 Feb 2021 15:14:38 GMT
server: cloudflare
etag: "60269b5e-872"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8KCwu%2FXRToff9IivkFw7BSAAN10vDkM4fIuf9fgsumulzjfoK0qZI7qeQUpkW7cRZqthMtwiWxD89%2FlmeBTwJR%2B25jAYHp0K9QkXjP0OnbiGrImss8yvag%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 13:32:43 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ded21ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 la-lettre-puissante-de-camelia-jordana-en-reponse-aux-critiques-attaques-et-harcelement-une-125x66.jpg
positivr.fr/wp-content/uploads/2021/02/ 2 KB
2 KB 25ms
21ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/la-lettre-puissante-de-camelia-jordana-en-reponse-aux-critiques-attaques-et-harcelement-une-125x66.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc30f3a1a7cb975f5cdb1154b9c79a523295f10038abb1aef5e2946e8e4a837

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 171065
cf-polished: qual=85, origFmt=jpeg, origSize=2265
content-disposition: inline; filename="la-lettre-puissante-de-camelia-jordana-en-reponse-aux-critiques-attaques-et-harcelement-une-125x66.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1912
cf-request-id: 084d1b0c4600001ede6a80d000000001
last-modified: Fri, 12 Feb 2021 14:23:58 GMT
server: cloudflare
etag: "60268f7e-8d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3WBh1n3f9qZbeTawIPmDG0ESZCEahr9L0WqA4WPBr8MSYCewMFBLdacEPBfKOUEw84%2B6LxuI1Vk5vgx4bHcpZUS2HtimKLnKheCJIeGhadOxIrDR3fojZg%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 16:11:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ded31ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 cracovie-deneige-avec-du-marc-a-cafe-une-2-125x66.jpg
positivr.fr/wp-content/uploads/2021/02/ 3 KB
3 KB 27ms
24ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/cracovie-deneige-avec-du-marc-a-cafe-une-2-125x66.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1b5debe3305f428eb5415e9fbfd39beaa4d62847351a8105423b20ffd01c59

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 164791
cf-polished: origSize=2743, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2710
cf-request-id: 084d1b0c4700001edeaf281000000001
last-modified: Fri, 12 Feb 2021 13:30:07 GMT
server: cloudflare
etag: "602682df-ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H%2BMRDwy3NaaMshXNswlQuXH%2BwyEInc%2BMS1YPd9RXIl84cWFMy%2BPQiaVF0utFj7qAICaw1pzL2SX1Ml%2FNulQ8cWfqha5n9kNU5dMel4IAxcXUSXdBcuxHmw%3D%3D"}]}
content-type: image/jpeg
expires: Wed, 24 Feb 2021 17:56:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ded61ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 bonne-nouvelle-aucun-rhinoceros-na-ete-braconne-au-kenya-en-2020-une-125x66.jpg
positivr.fr/wp-content/uploads/2021/02/ 2 KB
2 KB 27ms
24ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/bonne-nouvelle-aucun-rhinoceros-na-ete-braconne-au-kenya-en-2020-une-125x66.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c450852053ffb31029ca7632ba7cdde68da4faf652b182a20ce9b1dfa5a2264f

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 180593
cf-polished: qual=85, origFmt=jpeg, origSize=2223
content-disposition: inline; filename="bonne-nouvelle-aucun-rhinoceros-na-ete-braconne-au-kenya-en-2020-une-125x66.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2010
cf-request-id: 084d1b0c4700001ede448c9000000001
last-modified: Fri, 12 Feb 2021 13:35:13 GMT
server: cloudflare
etag: "60268411-8af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JRbSYA4pULsd3T3nNciPsW6eiBWihjBz1pSuYmBQzsUNYzWsXu8Dp%2Bo3f6G1RjsYQcqeX4jwj3imfMVPzxnlSLc%2FKJjdv8wd4EKvWii98Vs8ZUc0G%2Bp0ZA%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 13:32:43 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ded91ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 piege-a-frelons-asiatiques-invention-vigivelutina-une-2-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 65 KB
65 KB 28ms
25ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/piege-a-frelons-asiatiques-invention-vigivelutina-une-2-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067a6ab8be926cdda842c6438af562f0b069d54779a85b4f1dca8bf8137ca8f7

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 116681
cf-polished: origSize=66248, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66215
cf-request-id: 084d1b0c4700001edea094e000000001
last-modified: Mon, 15 Feb 2021 07:15:01 GMT
server: cloudflare
etag: "602a1f75-102c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OUhxy0hF2DT9VT3m7cAhpSYCZS%2BXYq%2BRcyZDNFSJ5o4SE14YpfKyY0atj9j6ZlIcWK7ixRclccuVK1C%2BOskXGjkYdx8uI5wn9Bj5CQj94qslY9tScTpwJg%3D%3D"}]}
content-type: image/jpeg
expires: Thu, 25 Feb 2021 07:17:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126dedb1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 Copie-de-Copie-de-POSITIVR-Une-5.jpg
positivr.fr/wp-content/uploads/2021/02/ 37 KB
37 KB 41ms
38ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/Copie-de-Copie-de-POSITIVR-Une-5.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f2a9ad9029080773f93771650f2442d8fec18b49143da8d455d4de4467fbd03

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 28397
cf-polished: origSize=37468, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37435
cf-request-id: 084d1b0c5000001edeb9a4f000000001
last-modified: Thu, 11 Feb 2021 10:36:51 GMT
server: cloudflare
etag: "602508c3-925c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lqa%2Fjqw8SFmfADP21s3cMmAzTFF%2FOEg1RcOO3zqQkph8lQVWLssxUks%2B3QrsuF%2BU9TrvIkzZc6nrA%2FH1IZbAJ6YI9B4kXTop53yJfT%2FojMb7Xw92NXhhXg%3D%3D"}]}
content-type: image/jpeg
expires: Fri, 26 Feb 2021 07:49:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ef051ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 precarite-menstruelle-etudiants-interview-une-768x402.jpeg
positivr.fr/wp-content/uploads/2021/02/ 21 KB
21 KB 37ms
34ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/precarite-menstruelle-etudiants-interview-une-768x402.jpeg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a052d0299931461fdebe30a571829880a9fdeb14b78b425a4c40cc1a2301f608

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182785
cf-polished: origSize=21318, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21285
cf-request-id: 084d1b0c5000001ede8e361000000001
last-modified: Sat, 13 Feb 2021 10:01:20 GMT
server: cloudflare
etag: "6027a370-5346"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I3%2BelMazCJlkTe5HoTy4Wg1mNbMt9teGjHec14V1DVu1uim8CsLr0XTq9Gj8wZJ7R17sNaaK1kX37T8Wpqysc1HEVLAmacaQMCiJ%2FD3YOtgh1Vjwqk77jA%3D%3D"}]}
content-type: image/jpeg
expires: Wed, 24 Feb 2021 12:56:11 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ef071ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 je-nai-pas-lintention-de-la-fermer-pomme-temoigne-du-harcelement-dans-lindustrie-musicale-une-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 25 KB
26 KB 39ms
36ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/je-nai-pas-lintention-de-la-fermer-pomme-temoigne-du-harcelement-dans-lindustrie-musicale-une-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0d58e5428219fcdac9189b261f6dcb86b53cc4f13a87a92cac11ad32e495a64

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182784
cf-polished: qual=85, origFmt=jpeg, origSize=26300
content-disposition: inline; filename="je-nai-pas-lintention-de-la-fermer-pomme-temoigne-du-harcelement-dans-lindustrie-musicale-une-768x402.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25778
cf-request-id: 084d1b0c5100001ede4fa0d000000001
last-modified: Fri, 12 Feb 2021 15:14:28 GMT
server: cloudflare
etag: "60269b54-66bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DUgWJ3S5r9Ct%2BlzOE3PhSKAlFliS5CCDLVBObW82dsD7vZF2NgHf%2BaYgaGphjBgP6LOmYd8Tnyq96NtWEiKnrAEdWVR%2BLY%2Fr0ooyKEYLgialKr7cBxItOA%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 12:56:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ef091ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 la-lettre-puissante-de-camelia-jordana-en-reponse-aux-critiques-attaques-et-harcelement-une-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 22 KB
23 KB 48ms
45ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/la-lettre-puissante-de-camelia-jordana-en-reponse-aux-critiques-attaques-et-harcelement-une-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73f6c4884aaa92baaf6fc3da04bcfd3509732aeb4704c01b429157b54e8bc2d5

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182783
cf-polished: qual=85, origFmt=jpeg, origSize=22921
content-disposition: inline; filename="la-lettre-puissante-de-camelia-jordana-en-reponse-aux-critiques-attaques-et-harcelement-une-768x402.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22828
cf-request-id: 084d1b0c5200001edea6b33000000001
last-modified: Fri, 12 Feb 2021 14:23:49 GMT
server: cloudflare
etag: "60268f75-5989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bdq7%2BJDDeeG%2BKPs%2Br5XeaL16xAZSNGAa8Pr4YHNjtXj5MFB48ytSyQjK7q7DFGKKkAAX0jslbo0W51USlMG7iTRox0daeXAkpBopAjq2Hu4Fafwihyb%2Ftw%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 12:56:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ef0c1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 cracovie-deneige-avec-du-marc-a-cafe-une-2-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 44 KB
44 KB 45ms
43ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/cracovie-deneige-avec-du-marc-a-cafe-une-2-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75676a4ef2f0de3507ca893bfbd3d167d0d61224076f0c8fe02ae74a9c084b4c

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182783
cf-polished: origSize=44813, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44780
cf-request-id: 084d1b0c5200001edeacb75000000001
last-modified: Fri, 12 Feb 2021 13:29:54 GMT
server: cloudflare
etag: "602682d2-af0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k48nonX5%2FCycImNeaSfww4bYsaRupGjEUKZXBPvk9obvtn%2BDsGsdxBbfilUunHgWPnRqtuL3micnY%2FtimKiQ11Scz5Ygf5wGrw3PV7az2YZoZ9WHnjQ1bQ%3D%3D"}]}
content-type: image/jpeg
expires: Wed, 24 Feb 2021 12:56:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ef0e1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 bonne-nouvelle-aucun-rhinoceros-na-ete-braconne-au-kenya-en-2020-une-768x402.jpg
positivr.fr/wp-content/uploads/2021/02/ 36 KB
36 KB 40ms
38ms Image
image/jpeg 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/2021/02/bonne-nouvelle-aucun-rhinoceros-na-ete-braconne-au-kenya-en-2020-une-768x402.jpg
Requested by: Host: positivr.fr
URL: https://positivr.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152aad0e659f393d84abd91e33f2e69db2ada7f3925b20f76a1c920f5d9deca9

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182782
cf-polished: origSize=36493, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36460
cf-request-id: 084d1b0c5200001ede62203000000001
last-modified: Fri, 12 Feb 2021 13:35:04 GMT
server: cloudflare
etag: "60268408-8e8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=siMpPdrEmEl3CV6pKtEzieW9WRi%2BUmJpDT%2BWimUp%2BpCckYypXRljE73RTHS%2FJYUTWLpsxNzs6kWyK5st2P9rO7ZA8KkZdOH58zwCTwIOmTlwuSNvTxIFZQ%3D%3D"}]}
content-type: image/jpeg
expires: Wed, 24 Feb 2021 12:56:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62286126ef101ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 frontend.css
positivr.fr/wp-content/plugins/thrive-leads/editor-layouts/css/ 57 KB
5 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://positivr.fr/wp-content/plugins/thrive-leads/editor-layouts/css/frontend.css?ver=2.3.8.1
Requested by: Host: positivr.fr
URL: https://positivr.fr/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85442d6b6bb040b1f8a35a7ffd115ab00e4ac247f7c50e5f66bed3d3f932f2cc

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182811
cf-polished: origSize=58800
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084d1b0e6e00001edea0986000000001
last-modified: Fri, 12 Feb 2021 14:57:58 GMT
server: cloudflare
etag: W/"60269776-e5b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7PbtG9ztbfKVU2SyXPq5WAVqYvO38td%2BnH7Qcpz7Q68pBt0TT38kPdTZEOIqPxhzpNo6IkTQ%2Fp6r7Zzxu7yYHgKVtRsD%2Bfo%2BNZUjRIcKw80%2FlUWpKVokzw%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6228612a4ff51ede-AMS
expires: Wed, 24 Feb 2021 12:55:46 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
695 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,700,400&subset=latin

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

449b8b168de95704a3a54b50b229d477f74b0078cde7ca009fa408b60a5da574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 15:42:37 GMT
server: ESF
date: Tue, 16 Feb 2021 15:42:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 15:42:37 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
556 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,700&subset=latin

Requested by

Host: positivr.fr
URL: https://positivr.fr/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5ae01d23b37c2fddaaeedfc520beaca27d647e426ed0111280746ffabd2305e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 15:42:37 GMT
server: ESF
date: Tue, 16 Feb 2021 15:42:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 15:42:37 GMT

GET
H2 200 download_icon.png
positivr.fr/wp-content/uploads/tve_leads_templates/lightbox/tcb2_icons-v1-2-step_m1/images/ 4 KB
5 KB 35ms
35ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/tve_leads_templates/lightbox/tcb2_icons-v1-2-step_m1/images/download_icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4093bb2957e65d31be04d186103c928f4e08c057b3cb3420846deba8afd180fb

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:37 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
cf-polished: origFmt=png, origSize=10737
content-disposition: inline; filename="download_icon.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4286
cf-request-id: 084d1b0e7800001ede86107000000001
last-modified: Fri, 09 Oct 2020 18:26:32 GMT
server: cloudflare
etag: "5f80ab58-29f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2IuU%2FsUHD6DL31QEwtb5Rt9X2j3YjvVRs5uhL8hL7ZZ1mvGakLhF07hQGYLqHNMvdTLOaO14%2FoWj477YU7aBwTqJIEYJuNdFUaL2Pd77e08vMqunTyBB7A%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 12:55:48 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6228612a580b1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 download_icon.png
positivr.fr/wp-content/uploads/tve_leads_templates/lightbox/tcb2_icons-v1-2-step_m2/images/ 4 KB
4 KB 36ms
35ms Image
image/webp 2606:4700:20::ac43:491d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://positivr.fr/wp-content/uploads/tve_leads_templates/lightbox/tcb2_icons-v1-2-step_m2/images/download_icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:491d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4093bb2957e65d31be04d186103c928f4e08c057b3cb3420846deba8afd180fb

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:37 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 182809
cf-polished: origFmt=png, origSize=10737
content-disposition: inline; filename="download_icon.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4286
cf-request-id: 084d1b0e7400001ede4424a000000001
last-modified: Fri, 09 Oct 2020 18:26:32 GMT
server: cloudflare
etag: "5f80ab58-29f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ooOlqfiXixDhezCWmMiprDyy8Pd0BYqSbAtpaAk5QdW2C%2Bc7gAiblsmV3BAJpyhHDHPeGGgLqwKMEcbnX00%2BQlbMbjyOd6JqCp57rZao6OfXwreHEGCjcw%3D%3D"}]}
content-type: image/webp
expires: Wed, 24 Feb 2021 12:55:48 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6228612a580e1ede-AMS
cf-bgj: imgq:85,h2pri

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,700&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://positivr.fr
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 386223
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:34 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,700&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://positivr.fr
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:43 GMT
server: sffe
age: 386223
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13560
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:34 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,700,400&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://positivr.fr
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,700,400&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 80475
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 15 Feb 2022 17:21:22 GMT

OPTIONS json
gum.criteo.com/sid/ Frame 0
0

GET json
gum.criteo.com/sid/ 0
0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
682 B 393ms
321ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=561760&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221bbe8732d5d653%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpositivr.fr%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22flashb.id%22%2C%22sid%22%3A%22e2f12b23-e90f-53e6-ac18-b6439e1288be%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222a5285a8de6d92%22%2C%22ext%22%3A%7B%22siteID%22%3A%22561760%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223fa0ac9c995de4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22561760%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224463bd1eecd5c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22561760%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225b66748f72e2f1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22561760%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22653ae3747e5acb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22561760%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 601da845397af1dbc920710fcb64e0d982bf144d3fd48b307236c9e8dbda5cc5

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:42 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.187], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://positivr.fr
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 44
x-ak-client-geo: 12
expires: Tue, 16 Feb 2021 15:42:42 GMT

POST
H2 204 bidrequest Show response
dsp.adotmob.com/headerbidding/ 0
344 B 150ms
51ms XHR
text/plain 52.51.89.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.adotmob.com/headerbidding/bidrequest
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.51.89.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-89-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://positivr.fr
date: Tue, 16 Feb 2021 15:42:42 GMT
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 80ms
27ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://positivr.fr
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2e111/1/positivr.fr/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2e111/1/positivr.fr/ROS?rnd=0.9834817867078252&e=300x250_0%3A300x250%2C300x600%2C160x600%2C336x280%2C120x600&ur=https%3A%2F%2Fpositivr.fr%2F&r=pbjs&pbv=4.23.0&ncb...
https://ads.us.e-planning.net/hb/1/2e111/1/positivr.fr/ROS?ct=1&rnd=0.9834817867078252&e=300x250_0%3A300x250%2C300x600%2C160x600%2C336x280%2C120x600&ur=https%3A%2F%2Fpositivr.fr%2F&r=pbjs&pbv=4.23....

370 B
782 B

35ms
35ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2e111/1/positivr.fr/ROS?ct=1&rnd=0.9834817867078252&e=300x250_0%3A300x250%2C300x600%2C160x600%2C336x280%2C120x600&ur=https%3A%2F%2Fpositivr.fr%2F&r=pbjs&pbv=4.23.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpositivr.fr%2F&gdpr=0&gdprcs=null
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 3205f68b701b24b93ec061d682dcb82e373246d94546b0812ba2f80b73c96d2c

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:42 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://positivr.fr
expires: Tue, 16 Feb 2021 15:42:42 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 370
x-sid: AMS-738

Redirect headers

date: Tue, 16 Feb 2021 15:42:41 GMT
server: openresty
access-control-allow-origin: https://positivr.fr
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e111/1/positivr.fr/ROS?ct=1&rnd=0.9834817867078252&e=300x250_0%3A300x250%2C300x600%2C160x600%2C336x280%2C120x600&ur=https%3A%2F%2Fpositivr.fr%2F&r=pbjs&pbv=4.23.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fpositivr.fr%2F&gdpr=0&gdprcs=null
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-738

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 168ms
107ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://positivr.fr
date: Tue, 16 Feb 2021 15:42:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 139ms
65ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e901404310d3893a23e87c37b7f01cd1fd722937e24dfb15e52daad7e9285e2f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:42 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid: b177e69a-f417-4124-9679-6f74839f202c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://positivr.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
295 B 149ms
90ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:42 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://positivr.fr
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Tue, 16 Feb 2021 15:42:42 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 976 B
2 KB 209ms
127ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 6acfd026a8b1361a3fe04829903f6931697c32a3e31e169682a79bd61f0792a1

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:41 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b24%3b50
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://positivr.fr
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 268 B
2 KB 256ms
121ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20922&site_id=341962&zone_id=1805042&size_id=15&alt_size_ids=9%2C8%2C10%2C16&p_pos=atf&gdpr=0&rp_schain=1.0,1!flashb.id,e2f12b23-e90f-53e6-ac18-b6439e1288be,1,,,&eid_pubcid.org=dba386f8-00bc-4bd0-802b-35199981fea6%5E1&rf=https%3A%2F%2Fpositivr.fr%2F&tk_flint=pbjs_lite_v4.23.0&x_source.tid=7e31fcc0-b7f2-4c3f-9f7d-4cc4c838d42c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0607&slots=1&rand=0.8263691333753349
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b315ad52535601548cdceaa7f9a5c42344749387badbfd2326ff220a806580a2

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://positivr.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 268
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
474 B 324ms
275ms XHR
application/json 18.185.226.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.23.0&referrer=https%3A%2F%2Fpositivr.fr%2F&tmax=1115&gdpr=false

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.226.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-226-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:42 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://positivr.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 374 B
829 B 265ms
184ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpositivr.fr%2F&CanonicalUrl=https%3A%2F%2Fpositivr.fr%2F&PublisherDomain=https%3A%2F%2Fpositivr.fr

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

7d698d1f12eb5199eec55f1a799401825634713724c73b472d3d91d3e6def293

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 15:42:41 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 145
vary: Accept-Encoding
content-length: 374
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://positivr.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
512 B 157ms
106ms XHR
application/json 52.58.180.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223731987fc30accb%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fpositivr.fr%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22flashb.id%22%2C%22sid%22%3A%22e2f12b23-e90f-53e6-ac18-b6439e1288be%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dba386f8-00bc-4bd0-802b-35199981fea6%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223124ffd93cec181%22%2C%22currency%22%3A%22EUR%22%2C%22pid%22%3A%2222348894%22%2C%22tid%22%3A%227e31fcc0-b7f2-4c3f-9f7d-4cc4c838d42c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.180.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-180-255.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ca2a984def8e8a0bc9c5a49a2f933d8d4d39876ad5e7546d4d3dd2c16cfd0e

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://positivr.fr
date: Tue, 16 Feb 2021 15:42:42 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 8 KB
9 KB 189ms
137ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ae017575b728ddb7d14f98001f&pos=8a969c3c0177770907b21a4385e1008d&cmd=bid&secure=1
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: e112fba09ce1120937293bd37b603d57b850582cc99025494b94f67058406c60

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Feb 2021 15:42:42 GMT
Server: ATS/7.1.2.128
Age: 1
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://positivr.fr
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8400

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 8 KB
9 KB 192ms
135ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ae017575b728ddb7d14f98001f&pos=8a96949a017777152d661a4383e70069&cmd=bid&secure=1
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 62253d7d251e5eb7075bdf464ff91107e89af2365d87c887600aa634ee6b4136

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Feb 2021 15:42:42 GMT
Server: ATS/7.1.2.128
Age: 1
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://positivr.fr
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8130

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 159ms
54ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.23.0&cb=29732020561
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://positivr.fr
date: Tue, 16 Feb 2021 15:42:41 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 53ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3be9a1246aa3ef95d4da2d2f20529572b3eb729256c03cd42c5097ce16956d3d

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:43 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 10:56:33 GMT
server: nginx
etag: W/"601bd2e1-13f72"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 17 Feb 2021 15:42:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0E9E 0
150 B 41ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=positivr.fr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=positivr.fr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://positivr.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 2158
date: Tue, 16 Feb 2021 15:42:44 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 52ms
25ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3be9a1246aa3ef95d4da2d2f20529572b3eb729256c03cd42c5097ce16956d3d

Request headers

Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:44 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 10:56:33 GMT
server: nginx
etag: W/"601bd2e1-13f72"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 17 Feb 2021 15:42:44 GMT

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 300ms
70ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
155 B 298ms
69ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 313ms
85ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 303ms
76ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 312ms
85ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 303ms
77ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 303ms
77ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 302ms
77ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 301ms
76ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 300ms
77ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

POST
H2 200 beacon Show response
tn.flashb.id/ 11 B
154 B 299ms
76ms XHR
application/octet-stream 51.159.25.4
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tn.flashb.id/beacon

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/hbdbrk.m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.159.25.4 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-25-4.lb.fr-par.scw.cloud

Software

Resource Hash

6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Referer: https://positivr.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 15:42:45 GMT
content-length: 11
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream

GET
H/1.1 200
OK CookieSyncV.html Show response
csync.smartadserver.com/diff/rtb/csync/ Frame FB91 1018 B
801 B 40ms
6ms Document
text/html 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host: csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://positivr.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: pbw=%24b%3d16830%3b%24o%3d12100; vs=362877=4274862; TestIfCookie=ok; TestIfCookieP=ok; sasd2=q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0&c=1&l=1648391950&lo=1166092946&lt=637490905620282397&o=1; sasd=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "f7993322e8eb79ecae2b39841d5f82cc:1610531091.962632"
Last-Modified: Tue, 05 Jan 2021 10:45:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Date: Tue, 16 Feb 2021 15:42:47 GMT
Content-Length: 445
Connection: keep-alive

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 82F1 2 KB
1 KB 93ms
35ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://positivr.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 16 Feb 2021 15:42:47 GMT
Content-Length: 1151
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 4C63 2 KB
818 B 30ms
29ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1613490161960

Requested by

Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1613490161960
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://positivr.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BE48 37 KB
14 KB 89ms
30ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://positivr.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=23617
Expires: Tue, 16 Feb 2021 22:16:24 GMT
Date: Tue, 16 Feb 2021 15:42:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 1FCF 8 KB
2 KB 49ms
34ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60247ea06f180ac4b216fa56a4a5703e23dc9aad91b717f70d86842696603794

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://positivr.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
content-type: text/html
set-cookie: __cfduid=d5bb345bfc6de17cf1cd5a992a77829ba1613490167; expires=Thu, 18-Mar-21 15:42:47 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=67c34717-5f30-409c-5925-406272dc269e; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%0A%C4%D8%14%E7f%F8%D9%FF%BE%13%D2l%25%1AF%B5w%F6iyK8X%F9h%19u%E9%97%F1%0C%BC%3A%1CAs%CF%FE%27%E0%94%A2%E5+0%FBL%06h%7CQ8%F4V%09%03%5D%3C%84%D6%BD%2C%22%EB+W%3B%99%5B%99%0E%3B%97O%96I%FF%3E%1DJ%D8%C5%00%CAq%5B%ED%BB%B2R%A6%9C%B86u%A3%C7%7F%02%E1%03%D4%EC%7C8Y%40b5%3A%23%1E%E8k%AC9O%E8S%86%A0%EE4%11%26%E5%18%81%F9%00%17%CF%02b%CD%BC%89%BE%B38%8F%0FA%96%A3%C3%7B%83%2C%22%C5%90+RVW%28%92%838%3F6%DD%83%14%84yV%B3; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://positivr.fr
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 084d1b36b700004ddcbcb1b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6228616abe304ddc-FRA
content-encoding: br

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BDAA 291 B
559 B 121ms
38ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://positivr.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KL86DSW6-A-A0CX; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tmCxRUZWfOQdxroH5NGnhRqqTCqCKieGkTxzCtz/GWjvGSkTNWjmsGgfE/2wGlVwK8BMqZcvhERs6pmjGBr9ZNMX4JPKBYjCRbro=; ses15=; vis15=341962^1; audit=1|naVuGyos1qpwbSmAy2Fgi3p4/TMPY9XwImZ+DjmuO7UEM+EpNaxH+UcZwMLuKdkcIIjfdKgW99TzaOjqNHkMXdAPlTu0R9RN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Tue, 16 Feb 2021 15:42:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2449 52 KB
17 KB 79ms
23ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://positivr.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIz6xwEAoYASABKAEw8s-vgQY4AUABSAEQ8s-vgQYYAA..; uuid2=234656609155593471
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 12 Feb 2021 05:50:00 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 16 Feb 2021 15:42:47 GMT
Age: 35559
X-Served-By: cache-lga21923-LGA, cache-hhn4020-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 557034
X-Timer: S1613490168.534560,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 8836 1 KB
1 KB 79ms
24ms Document
text/html 18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: www.flashb.id
URL: https://www.flashb.id/assets/js/inc/2.7746b600663d695d4d5c.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7a9ba7549798de3957686ce31bfcf0b13ce11099a3e2307023f627056500e24c

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://positivr.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=8180551542844596283
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://positivr.fr/

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
content-type: text/html; charset=utf-8
content-length: 478
set-cookie: sync=CgoIgQIQ7r2I3PouCgoIkQIQ7r2I3PouCgoI4gEQ7r2I3PouCgoIkgIQ7r2I3PouCgoI5gEQ7r2I3PouCgoIhwIQ7r2I3PouCgkIOhDuvYjc-i4KCQgLEO69iNz6LgoJCF8Q7r2I3PouCgkIHxDuvYjc-i4=; Max-Age=7776000; Expires=Mon, 17 May 2021 15:42:47 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=8180551542844596283; Max-Age=7776000; Expires=Mon, 17 May 2021 15:42:47 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 consent-string.min.js Show response
ec-ns.sascdn.com/diff/rtb/csync/ Frame FB91 26 KB
6 KB 111ms
27ms Script
application/x-javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE3) /
Resource Hash: 05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 09:44:13 GMT
server: ECS (mil/6CE3)
age: 21367
etag: "f720a7f2a8432d0f18de76239266413f:1613468724.044181"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6396

GET
H2 200 TemplatePool.min.js Show response
ec-ns.sascdn.com/diff/rtb/csync/ Frame FB91 73 KB
4 KB 114ms
31ms Script
application/x-javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEF) /
Resource Hash: 8a3112147deb7582a6eee70a604bc357cfd5f4248ddb0b66c6202b239f440825

Request headers

Referer: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 09:45:07 GMT
server: ECS (mil/6CEF)
age: 21363
etag: "38505e06b6e4a7a8df4e0ddee4b6f772:1613468726.85906"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3519

GET
H2 200 CookieSync.min.js Show response
ec-ns.sascdn.com/diff/rtb/csync/ Frame FB91 4 KB
2 KB 113ms
30ms Script
application/x-javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: 1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 09:45:09 GMT
server: ECS (mil/6CEC)
age: 21365
etag: "5c225f0da4164867a9eba01d527131e3:1613468724.918929"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1566

GET
H2 200 CookieSyncCtrl.min.js Show response
ec-ns.sascdn.com/diff/rtb/csync/ Frame FB91 4 KB
2 KB 112ms
29ms Script
application/x-javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3389&dcid=6&iscname=false&cname=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 09:45:10 GMT
server: ECS (mil/6CE4)
age: 21367
etag: "c77fb70e5e267321a13fbe8a4c2eb33b:1613468725.33866"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1560

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 1FCF 0
0 60ms
59ms Image
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6...
https://mwzeom.zeotap.com/mw?google_gid=CAESEERjaZWIhzL3Y1u7SqYpxFA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adf...

95 B
179 B

54ms
52ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEERjaZWIhzL3Y1u7SqYpxFA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616be8814ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b376e00004ddce32ef000000001

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEERjaZWIhzL3Y1u7SqYpxFA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=9e64465b-706d-11eb-b056-0eb794dee0a0&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8...

95 B
190 B

27ms
25ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=9e64465b-706d-11eb-b056-0eb794dee0a0&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616be8804ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b376e00004ddca4a6e000000001

Redirect headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=9e64465b-706d-11eb-b056-0eb794dee0a0&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 1FCF 0
188 B 144ms
42ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D1...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D1...
https://mwzeom.zeotap.com/mw?cid=f3df6e8e-5f4d-41fa-9182-22eb433e19c6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8...

95 B
179 B

23ms
22ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f3df6e8e-5f4d-41fa-9182-22eb433e19c6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616c89764ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b37d200004ddcec822000000001

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=f3df6e8e-5f4d-41fa-9182-22eb433e19c6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 1FCF 0
163 B 136ms
75ms Image
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 52
date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1613490168.607189,VS0,VE52
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19158-FRA

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 1FCF 0
361 B 139ms
41ms Image
text/html 154.57.158.51
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS: amsadvip2.fwmrm.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:47 GMT
Cache-Control: no-store
Expires: 0
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1FCF 0
240 B 188ms
37ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 15:42:47 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=136...
https://mwzeom.zeotap.com/mw?cid=f7ee69cf-a9db-4073-8e9c-8a5bc68aca50&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
179 B

26ms
25ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f7ee69cf-a9db-4073-8e9c-8a5bc68aca50&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616c08b74ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b378400004ddcd50a2000000001

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=f7ee69cf-a9db-4073-8e9c-8a5bc68aca50&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=67c34717-5f30-409c-5925-406272dc269e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=67c34717-5f30-409c-5925-406272dc269e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=32155107856202633300289697687152857055&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-...

95 B
179 B

27ms
27ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=32155107856202633300289697687152857055&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616c999d4ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b37e200004ddc999f5000000001

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 25DXK1nOR50=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=32155107856202633300289697687152857055&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 /
loadeu.exelator.com/load/ Frame 1FCF 0
324 B 98ms
29ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=67c34717-5f30-409c-5925-406272dc269e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021021616-60843-0.518902001613490168-0b7f13790e7c57371857b08b118fd68f&zdid=533&env=mWeb

95 B
179 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021021616-60843-0.518902001613490168-0b7f13790e7c57371857b08b118fd68f&zdid=533&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616cda1a4ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b380900004ddce82ec000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021021616-60843-0.518902001613490168-0b7f13790e7c57371857b08b118fd68f&zdid=533&env=mWeb
Date: Tue, 16 Feb 2021 15:42:48 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6929887499708266638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-...

95 B
179 B

22ms
21ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6929887499708266638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616c897a4ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b37d300004ddcd8959000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6929887499708266638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Date: Tue, 16 Feb 2021 15:42:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 1FCF 95 B
426 B 32ms
32ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=67c34717-5f30-409c-5925-406272dc269e

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=67c34717-5f30-409c-5925-406272dc269e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=67c34717-5f30-409c-5925-406272dc269e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=APlfs5GXSQivJboq4ifwQO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4c...

95 B
179 B

59ms
59ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=APlfs5GXSQivJboq4ifwQO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616ca9aa4ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b37e600004ddcc81a3000000001

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
last-modified: Tue, 16 Feb 2021 15:42:47 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=APlfs5GXSQivJboq4ifwQO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 1FCF 36 B
377 B 94ms
28ms Image
image/gif 89.163.159.106
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=67c34717-5f30-409c-5925-406272dc269e&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.163.159.106 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2 403 tpid=67c34717-5f30-409c-5925-406272dc269e
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 1FCF 49 B
244 B 142ms
45ms Image
image/gif 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=67c34717-5f30-409c-5925-406272dc269e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.147
content-type: image/gif
content-length: 49
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-ShoERbh1lw3G9oT0W9xaZN3UMLANV.W8FQ--&zpartnerid=570&env=mWeb

95 B
306 B

31ms
31ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-ShoERbh1lw3G9oT0W9xaZN3UMLANV.W8FQ--&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 622861738e324ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b3c3100004ddcce0a0000000001

Redirect headers

date: Tue, 16 Feb 2021 15:42:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-ShoERbh1lw3G9oT0W9xaZN3UMLANV.W8FQ--&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRUwFYZVCEOutt6WPBptJEsN%2BS41iYitP1U%3D

95 B
437 B

24ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRUwFYZVCEOutt6WPBptJEsN%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 62286174d8504ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b3d0700004ddcd32aa000000001

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:49 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRUwFYZVCEOutt6WPBptJEsN%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 1FCF 43 B
608 B 75ms
33ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1FCF 0
338 B 1783ms
44ms Image
text/plain 52.17.12.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.12.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-12-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1613490169
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 1FCF 95 B
524 B 3141ms
45ms Image
image/png 94.130.216.200
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.216.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cm023.richaudience.com
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 15:42:50 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame 1FCF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...

85 B
165 B

26ms
25ms

Image
image/png

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361&_test=YCvn_AAAAFW2Tyzr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.3.8.v20160314) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:48 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
age: 642
x-served-by: cache-hhn4077-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1613490169.561078,VS0,VE0
content-length: 85
x-cache-hits: 5425

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:48 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
x-timer: S1613490168.341169,VS0,VE179
x-served-by: cache-hhn4077-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D67c34717-5f30-409c-5925-406272dc269e%26reqId%3D148adfff-06e5-4cd8-6d03-005785805254%26zdid%3D1361&_test=YCvn_AAAAFW2Tyzr
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=8066602b-e7f7-4e00-9650-cec0b312017f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adff...

95 B
179 B

24ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=8066602b-e7f7-4e00-9650-cec0b312017f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228616d7b6d4ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b386700004ddcbd81c000000001

Redirect headers

Date: Tue, 16 Feb 2021 15:42:47 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=8066602b-e7f7-4e00-9650-cec0b312017f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 16 Feb 2021 15:42:46 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1FCF
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-00578580...

0
337 B

137ms
45ms

Image
text/plain

52.17.12.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.12.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-12-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=81 t=1613490169
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
date: Tue, 16 Feb 2021 15:42:49 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a014-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 1FCF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-592...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-592...

43 B
433 B

50ms
49ms

Image
image/gif

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=67c34717-5f30-409c-5925-406272dc269e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1FCF
Redirect Chain

https://tags.bluekai.com/site/87734?id=67c34717-5f30-409c-5925-406272dc269e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
488 B

25ms
25ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6228618198414ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b450200004ddc8a392000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Tue, 16 Feb 2021 15:42:51 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 52d8
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 404 gif
im.thenewco.id/ Frame 1FCF 0
180 B 3111ms
42ms Image
image/gif 34.102.181.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.thenewco.id/gif?3puuid=67c34717-5f30-409c-5925-406272dc269e&3pid=3181cf1b-2b10-42bf-a085-d5d3264f1a06&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.181.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:50 GMT
via: 1.1 google
last-modified: Tue, 16 Feb 2021 15:42:50 GMT
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 1FCF 557 B
598 B 52ms
48ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2e695e569950660fe60b563e032d2c807f1b5f6773a4779a8b7c460c81c7df

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 6228616b3f694ddc-FRA
date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 084d1b36fe00004ddccbac5000000001

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8836 70 B
265 B 122ms
45ms Image
image/gif 54.72.52.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.52.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 8836
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPy7gPAwJsbpaTV8Mq1yobw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

26ms
24ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPy7gPAwJsbpaTV8Mq1yobw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPy7gPAwJsbpaTV8Mq1yobw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 8836
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE4MDU1MTU0Mjg0NDU5NjI4Mw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE4MDU1MTU0Mjg0NDU5NjI4Mw%3D%3D&google_tc=

170 B
201 B

18ms
18ms

Image
image/png

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE4MDU1MTU0Mjg0NDU5NjI4Mw%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE4MDU1MTU0Mjg0NDU5NjI4Mw%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.gif
c.bing.com/ Frame 8836 42 B
447 B 50ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=8180551542844596283&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
etag: "118072d82dfbd61:0"
last-modified: Thu, 04 Feb 2021 19:42:17 GMT
x-msedge-ref: Ref A: 93AA507A79DE43D49427F35ABFA3E023 Ref B: FRAEDGE1221 Ref C: 2021-02-16T15:42:47Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 8836
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/8180551542844596283?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-I8n3NsZ1lwPuyJi.NOM_pjlC2wNP2Mfj3fA4bPtXSQ--&dongle=0883

37 B
352 B

26ms
25ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-I8n3NsZ1lwPuyJi.NOM_pjlC2wNP2Mfj3fA4bPtXSQ--&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 16 Feb 2021 15:42:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-I8n3NsZ1lwPuyJi.NOM_pjlC2wNP2Mfj3fA4bPtXSQ--&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 8836
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=234656609155593471&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

26ms
25ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=234656609155593471&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:47 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 59edddd8-958e-4b8d-90c8-bc977a9bef3e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=234656609155593471&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 8836
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8180551542844596283
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8180551542844596283&dcc=t

0
0

126ms
125ms

Image
text/html

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8180551542844596283&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8180551542844596283&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 8836
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

24ms
23ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 8836 0
0 117ms
47ms Image
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=8180551542844596283
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 8836 0
0 106ms
35ms Image
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=8180551542844596283
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/sync?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BE48 3 KB
4 KB 123ms
37ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=71447771&p=160107&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 39345ff3f35aa9611a5d266b90c6ec2afeac9eee38eb0834e4a1b968aed7a15f

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 15:42:47 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 204 cmp
spl.zeotap.com/ Frame 1FCF 0
0 25ms
25ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=67c34717-5f30-409c-5925-406272dc269e&reqId=148adfff-06e5-4cd8-6d03-005785805254&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=67c34717-5f30-409c-5925-406272dc269e; zsc=%0A%C4%D8%14%E7f%F8%D9%FF%BE%13%D2l%25%1AF%B5w%F6iyK8X%F9h%19u%E9%97%F1%0C%BC%3A%1CAs%CF%FE%27%E0%94%A2%E5+0%FBL%06h%7CQ8%F4V%09%03%5D%3C%84%D6%BD%2C%22%EB+W%3B%99%5B%99%0E%3B%97O%96I%FF%3E%1DJ%D8%C5%00%CAq%5B%ED%BB%B2R%A6%9C%B86u%A3%C7%7F%02%E1%03%D4%EC%7C8Y%40b5%3A%23%1E%E8k%AC9O%E8S%86%A0%EE4%11%26%E5%18%81%F9%00%17%CF%02b%CD%BC%89%BE%B38%8F%0FA%96%A3%C3%7B%83%2C%22%C5%90+RVW%28%92%838%3F6%DD%83%14%84yV%B3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
set-cookie: __cfduid=dc0c7e39d397d4b8a7377a6158e018e501613490167; expires=Thu, 18-Mar-21 15:42:47 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 084d1b373900004ddc8610a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6228616b88064ddc-FRA

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BDAA 31 KB
10 KB 40ms
39ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 15:42:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=79428
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Wed, 17 Feb 2021 13:46:35 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 0038 43 B
326 B 147ms
47ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=71447771&p=160107&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 16 Feb 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1464
x-powered-by: ASP.NET
date: Tue, 16 Feb 2021 15:42:47 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 2D74
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1672028989653979540

42 B
849 B

123ms
33ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1672028989653979540
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=71447771&p=160107&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=160107:2; KADUSERCOOKIE=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2; chkChromeAb67Sec=1; DPSync3=1614643200%3A201_227_226_221; SyncRTB3=1614643200%3A13_161_7_220_21_54_56_3_223%7C1614729600%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Tue, 16 Feb 2021 15:42:48 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_336=5844-1672028989653979540; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Mar-2021 15:42:48 GMT; path=/ PugT=1613490168; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Mar-2021 15:42:48 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 17-May-2021 15:42:48 GMT; path=/
X-lat: Pug22068:0:360
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1672028989653979540
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vSn7yJuCTuqszeRozYHs8g%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

31ms
30ms

Image
text/html

23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 15:42:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=170596
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Thu, 18 Feb 2021 15:06:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame BE48 95 B
302 B 36ms
26ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6228616c38fe4ddc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 084d1b37a000004ddcc2ac4000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame BE48
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

46ms
46ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:43 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:42 GMT
frontend-id: 10
location: /pubmatic/1/info2?sType=sync&sExtCookieId=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&addseg=31

7 B
147 B

351ms
31ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 15:42:49 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Tue, 16 Feb 2021 15:42:49 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkQyOUZCQzgtOUI4Mi00RUVBLUFDQ0QtRTQ2OENEODFFQ0Yy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
585 B

322ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
X-lat: Pug22049:0:464
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFE7DfurDtXBguxBi5fegzE&google_cver=1

42 B
935 B

353ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFE7DfurDtXBguxBi5fegzE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
X-lat: Pug22054:0:625
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFE7DfurDtXBguxBi5fegzE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame BE48 43 B
609 B 3146ms
45ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 15 Feb 2021 15:42:50 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f3df6e8e-5f4d-41fa-9182-22eb433e19c6

42 B
1 KB

404ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f3df6e8e-5f4d-41fa-9182-22eb433e19c6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
X-lat: Pug23020:0:351
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f3df6e8e-5f4d-41fa-9182-22eb433e19c6
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002843518679847438

42 B
974 B

398ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002843518679847438
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
X-lat: Pug23003:0:865
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:47 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002843518679847438
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:997b602b-e7f8-4f00-8b2f-d94bb0b7e000&gdpr=0&gdpr_consent=

42 B
1 KB

38ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:997b602b-e7f8-4f00-8b2f-d94bb0b7e000&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:46 GMT
X-lat: Pug23047:0:309
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Tue, 16 Feb 2021 15:42:43 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:997b602b-e7f8-4f00-8b2f-d94bb0b7e000&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 Feb 2021 15:42:42 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=234656609155593471&gdpr=0&gdpr_consent=

42 B
848 B

355ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=234656609155593471&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
X-lat: Pug22074:0:301
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:47 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: e027e428-a586-4d62-b0de-08b60d6c8445
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=234656609155593471&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame BE48
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BD29FBC8-9B82-4EEA-ACCD-E468CD81ECF2&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fySVcA11l2JIfLzlSGjmwvlrQYjKWZo-&gdpr=0&gdpr_consent=

0
586 B

124ms
32ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fySVcA11l2JIfLzlSGjmwvlrQYjKWZo-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Tue, 16 Feb 2021 15:42:46 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Tue, 16 Feb 2021 15:42:48 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fySVcA11l2JIfLzlSGjmwvlrQYjKWZo-&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame BDAA 70 B
264 B 47ms
45ms Image
image/gif 54.72.52.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.52.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BDAA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8066602b-e7f7-4e00-9650-cec0b312017f

42 B
678 B

141ms
36ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8066602b-e7f7-4e00-9650-cec0b312017f
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Date: Tue, 16 Feb 2021 15:42:43 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8066602b-e7f7-4e00-9650-cec0b312017f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 Feb 2021 15:42:42 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BDAA
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQxNmVjNDhmNWExNWIxM2IxZDg0YTgwYzQ0YzM1YjAwNTNhNmNhOA

170 B
190 B

16ms
16ms

Image
image/png

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQxNmVjNDhmNWExNWIxM2IxZDg0YTgwYzQ0YzM1YjAwNTNhNmNhOA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQxNmVjNDhmNWExNWIxM2IxZDg0YTgwYzQ0YzM1YjAwNTNhNmNhOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame BDAA 0
66 B 323ms
33ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 15:42:48 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BDAA
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Nyz8oFjtdkoxG_ZUUy971Q?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2344376075051626712

42 B
678 B

112ms
34ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2344376075051626712
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Tue, 16 Feb 2021 15:42:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2344376075051626712
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BDAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBRw30CNBpT2fHqXMiVDlaU&google_cver=1

42 B
678 B

232ms
31ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBRw30CNBpT2fHqXMiVDlaU&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBRw30CNBpT2fHqXMiVDlaU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BDAA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YCvn_AAAAGn1kSrK
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YCvn_AAAAGn1kSrK&_test=YCvn_AAAAGn1kSrK

42 B
678 B

31ms
30ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YCvn_AAAAGn1kSrK&_test=YCvn_AAAAGn1kSrK
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613490169.561157,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YCvn_AAAAGn1kSrK&_test=YCvn_AAAAGn1kSrK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BDAA
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w4NkRTVzYtQS1BMENY

170 B
190 B

16ms
16ms

Image
image/png

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w4NkRTVzYtQS1BMENY

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 15:42:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0w4NkRTVzYtQS1BMENY
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2449 0
748 B 43ms
43ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 15:42:48 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid: 0f33b43a-021a-44d9-a9cf-5f647f243ba9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame BE48 0
587 B 127ms
31ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160107&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Tue, 16 Feb 2021 15:42:49 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpositivr.fr%2F&domain=positivr.fr&cw=1

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpositivr.fr%2F&domain=positivr.fr&cw=1

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
positivr.fr/	1970-01-19 16:11:30	Name: sf_ck_tst Value: test
positivr.fr/	1970-01-19 16:14:22	Name: tho_post_titles Value: {"266648":"22020","266659":"22025"}
.positivr.fr/	1970-01-19 16:54:42	Name: __cfduid Value: dee1b785a9db4763b8744b344894a83931613490155

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://positivr.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.us.e-planning.net
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
chimpstatic.com
choices.consentframework.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
csync.smartadserver.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adotmob.com
eb2.3lift.com
ec-ns.sascdn.com
eus.rubiconproject.com
eventtracking.hubspot.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
idsync.frontend.weborama.fr
im.thenewco.id
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
loadeu.exelator.com
match.adsrvr.org
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
positivr.fr
pr-bh.ybp.yahoo.com
prg.smartadserver.com
s.amazon-adsystem.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
sync.richaudience.com
sync.tidaltv.com
t.sidekickopen90.com
tags.bluekai.com
tlx.3lift.com
tn.flashb.id
token.rubiconproject.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
visitor.fiftyt.com
www.flashb.id
www.flashbid.io
gum.criteo.com
142.250.185.66
151.1.205.165
151.101.113.108
151.101.114.49
151.101.13.44
154.57.158.51
159.253.128.188
178.250.2.131
178.250.2.151
18.157.239.120
18.185.226.146
18.198.126.47
184.30.20.207
184.30.21.51
185.255.84.151
185.29.133.208
185.33.221.90
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.86.139.95
2.17.177.117
212.82.100.182
213.155.156.168
213.19.162.41
23.218.208.200
23.218.208.246
23.37.38.181
23.37.42.132
2606:4700:10::6816:1957
2606:4700:20::681a:c23
2606:4700:20::ac43:491d
2606:4700:3034::6815:3a9d
2606:4700::6812:1cfb
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
2a00:1450:4001:829::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba1a
2a05:d018:24:b001:d120:1359:acbb:2de6
3.11.29.5
3.126.56.137
34.102.181.119
34.120.207.148
34.249.128.36
34.98.67.61
35.157.246.167
35.201.81.244
35.201.96.126
35.227.248.159
37.157.2.236
46.249.52.249
51.158.28.83
51.159.25.4
51.89.9.252
52.17.12.92
52.30.140.199
52.46.130.13
52.51.89.7
52.58.180.255
52.95.124.165
54.165.137.101
54.72.52.19
64.74.236.95
68.232.35.16
69.173.144.138
77.243.60.138
85.114.159.93
89.163.159.106
92.123.150.214
94.130.216.200
009895283ea6c64f4a0eaace2cf206538a6f141503896b25fcb2d5cc666fc047
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
067a6ab8be926cdda842c6438af562f0b069d54779a85b4f1dca8bf8137ca8f7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1430bdc185471d9f2a1665d8791a7118560514ea19e5fe1143e38c03c8a179b0
152aad0e659f393d84abd91e33f2e69db2ada7f3925b20f76a1c920f5d9deca9
15d313809d9e011adbeba0d910908d7231b2a076859ba9dd4b87bff75c292e45
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18df49ebba2a4d7413ab60b1fa97ed64344f57289a2b4c4c81142b6a72d7df0f
1b2e695e569950660fe60b563e032d2c807f1b5f6773a4779a8b7c460c81c7df
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1c6f59568daa92440b86989c65cd80e534bdb6790431dbf46ed34e6bad60b652
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
2012339bc122ee8960d4374521eb44cea9bd972d9acbb1b68f91e57ed6f03bbe
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20f8ab73b636742c4cc8cc9414972bc1ea613dea0ca9f3552b2efe9f2884a620
27b7818b7faada69962937a8dbd7914a9bb875b1e4e972edaf921f6b2f4f055b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc01b48174eaf9f9733982acb2891053fbb22f16a8c975dacd5466627725c7d
3205f68b701b24b93ec061d682dcb82e373246d94546b0812ba2f80b73c96d2c
3313350a1de35688f99709c12966d2bc522cbf8be48fd5a140f72550985e12e5
33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38de9acd2cbc2438a5e2e6fe72992ad52fe38a7c909ed149cd11fe340fd95997
391906568598e640aaef77123d1c8e2bba422ba7b1e6c109958e11bbd424b255
39345ff3f35aa9611a5d266b90c6ec2afeac9eee38eb0834e4a1b968aed7a15f
3be9a1246aa3ef95d4da2d2f20529572b3eb729256c03cd42c5097ce16956d3d
3d42ffba5184384286fc72b9e6f2f5822e850be740dccf82da35b512a3d64551
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4093bb2957e65d31be04d186103c928f4e08c057b3cb3420846deba8afd180fb
416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39
43ab467d7288ba4d1d604c0c1e8ee1012912e6d488c3aeeb39a540d68dc56b21
449b8b168de95704a3a54b50b229d477f74b0078cde7ca009fa408b60a5da574
47d844b53c99f2e305290ff770652ff90b796eef0741eafcbbbefc3e30bb2415
489e46f8d390cb6fc3664a8a3a7b868926eca7ee069dd831e2e3d9aa633c0225
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9d313005eebc0f887cb620c64520c982adfa4418d432c5fbc81bcca8c81cbe
5996a720571610b2c46ce50574818a6d4ab0afc48c9aa77df1ae165d5eeb9539
5a6c7bbad74e6de457827cd8782584756f342b837af2a1d6dc0c023f3b1dc5dd
5a7f7a4af0d22fd17ad3495876b42b8a1966e9b27645e066993e7c5956101ff6
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507
601da845397af1dbc920710fcb64e0d982bf144d3fd48b307236c9e8dbda5cc5
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60247ea06f180ac4b216fa56a4a5703e23dc9aad91b717f70d86842696603794
61a78780139f4a01ff424666fb8ba410b7af857c2135988b967ec337df0fa175
62253d7d251e5eb7075bdf464ff91107e89af2365d87c887600aa634ee6b4136
661b90b03b4a346df9e0dd19b1c4847c65accf7f3e86c0373d802dcaec38e29a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69983fe272868eb30bbe3dc3631e07ba0b2dd870576acbdac6109ea585f3f1ab
6a562a5e05a89b0f07d9c7f80be0aaeb00adc60279819c09f1bc9904dcf667d8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6acfd026a8b1361a3fe04829903f6931697c32a3e31e169682a79bd61f0792a1
6ca917889b8ace24b01fa656053fa899520310d3d979a2d2900076a5454395cc
6df8837bf88147877c7aa5e68ae6d208bae73857fcac6a6b40384527ff368ba1
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f9e7a6e11308489179c7ed15c1adc9a3d6f81bdfed8481481bc4998a4880754
73f6c4884aaa92baaf6fc3da04bcfd3509732aeb4704c01b429157b54e8bc2d5
75676a4ef2f0de3507ca893bfbd3d167d0d61224076f0c8fe02ae74a9c084b4c
75a86c63cdcc202d5406a7b576ed936341fb71d9aed6ec6ee6ae21623a41d3d0
770ab4d2a03509b6a8277bafd84c2da94917391186a75f2fd3b1d40894b59c37
7959b12fe2fda21b6138ecfbc312bb7b1ed49b5c003a5dd1247a389922a5549d
7a9ba7549798de3957686ce31bfcf0b13ce11099a3e2307023f627056500e24c
7d698d1f12eb5199eec55f1a799401825634713724c73b472d3d91d3e6def293
7e403efa9f01e858f73277bd386a6e5e81ac731542ea07a758a327d15a24295f
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f2a9ad9029080773f93771650f2442d8fec18b49143da8d455d4de4467fbd03
85442d6b6bb040b1f8a35a7ffd115ab00e4ac247f7c50e5f66bed3d3f932f2cc
8a3112147deb7582a6eee70a604bc357cfd5f4248ddb0b66c6202b239f440825
8c310e8806bb68b85baf52086f6aebdceca5ba997f4bfb5a0059df8a3c0176a5
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a8d4f55a83aa4e1f884930f204914da68bd3f34cb4a66b8337b032f2ebabafc
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
a052d0299931461fdebe30a571829880a9fdeb14b78b425a4c40cc1a2301f608
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8e37db8dd8b420d68c43ad5c83cdab3645331dccfaa73ddf28415dca7c0f7cc
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b059297e97495d4edf2f0615c73998af1989a4a3ef8811530302086017f0ea19
b315ad52535601548cdceaa7f9a5c42344749387badbfd2326ff220a806580a2
b5ae01d23b37c2fddaaeedfc520beaca27d647e426ed0111280746ffabd2305e
ba12ce3dadb67a7cdb779bd38352ccf80e7f261ede06f1c2e4b609bc9dcd0fe4
bb1b5debe3305f428eb5415e9fbfd39beaa4d62847351a8105423b20ffd01c59
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc30f3a1a7cb975f5cdb1154b9c79a523295f10038abb1aef5e2946e8e4a837
c0d58e5428219fcdac9189b261f6dcb86b53cc4f13a87a92cac11ad32e495a64
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ca2a984def8e8a0bc9c5a49a2f933d8d4d39876ad5e7546d4d3dd2c16cfd0e
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c450852053ffb31029ca7632ba7cdde68da4faf652b182a20ce9b1dfa5a2264f
c9bd1ae02933b23662d60dd6af40a57450e78d7ff688792fb78cef5c348c93af
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d2cdf12510c0fd497d9d39a74f60dc7822572083ae2009e065184a39b1030414
d3030cc7e8df3834904b7236ce159376da554d400b2bf9ebe5aca7a375b00227
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e112fba09ce1120937293bd37b603d57b850582cc99025494b94f67058406c60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5553401351eb4dadb2ae7bf9c83da068fe1401545237d2334d51bc1adfb4f45
e637ec89eb7cdb3dcd1e677146bbc1c6fc930295843d482b1a662193a66e2843
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e901404310d3893a23e87c37b7f01cd1fd722937e24dfb15e52daad7e9285e2f
e93f3def3ff300944fb0dd2284ad1c7dc0774639658413d9240fba29c60d5396
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5840e94efabf1258e36d295ab51c7dde92f30c488100746cfa82d7fbaddb86f
fc5365337fc750c74a6c38295cb2beeec715a147c5331221c5d278270a0212e8
fdbfe91c78cd7d515d6dba4e274f5705f36576c7a2f1c6d39b9edfa072cefe84
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43

positivr.fr Open in urlscan Pro 2606:4700:20::ac43:491d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

99 %HTTPS

19 %IPv6

57 Domains

81 Subdomains

60 IPs

9 Countries

1575 kBTransfer

4731 kBSize

3 Cookies

11 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

positivr.fr Open in urlscan Pro
2606:4700:20::ac43:491d Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

99 %
HTTPS

19 %
IPv6

57
Domains

81
Subdomains

60
IPs

9
Countries

1575 kB
Transfer

4731 kB
Size

3
Cookies

184 HTTP transactions
5 data transactions