www.confidencesensuelle.com Open in urlscan Pro
34.77.70.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://anik2.googleoffer.xyz/
Effective URL:
https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
Submission: On January 18 via api (January 18th 2022, 4:43:27 am UTC) from VN — Scanned from FR

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 14 domains to perform 42 HTTP transactions. The main IP is 34.77.70.222, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is www.confidencesensuelle.com.
TLS certificate: Issued by R3 on December 16th 2021. Valid for: 3 months.

This is the only time www.confidencesensuelle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	62.210.142.141 62.210.142.141	12876 (Online SAS) (Online SAS)
2 2	212.32.250.10 212.32.250.10	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	18.185.201.184 18.185.201.184	16509 (AMAZON-02) (AMAZON-02)
1 1	52.209.211.100 52.209.211.100	16509 (AMAZON-02) (AMAZON-02)
12	34.77.70.222 34.77.70.222	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
10	35.195.163.35 35.195.163.35	15169 (GOOGLE) (GOOGLE)
1	35.227.234.99 35.227.234.99	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	35.227.221.175 35.227.221.175	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
42	11

1 62.210.142.141 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: popus.webrserver.com

anik2.googleoffer.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.250.10 (Amsterdam, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

click.gosktrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
leadshark.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.201.184 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-201-184.eu-central-1.compute.amazonaws.com

intoxifly.scaletrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.211.100 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-211-100.eu-west-1.compute.amazonaws.com

track.allpartnerdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.77.70.222 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 222.70.77.34.bc.googleusercontent.com

www.confidencesensuelle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.195.163.35 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 35.163.195.35.bc.googleusercontent.com

recueillirleconsentement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.recueillirleconsentement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.234.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.234.227.35.bc.googleusercontent.com

landers.cdnware.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.221.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.221.227.35.bc.googleusercontent.com

static.dating	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	confidencesensuelle.com www.confidencesensuelle.com	362 KB
10	recueillirleconsentement.com recueillirleconsentement.com api.recueillirleconsentement.com	24 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	337 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
4	google.com www.google.com — Cisco Umbrella Rank: 13	22 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	519 B
2	scaletrk.com 1 redirects intoxifly.scaletrk.com	2 KB
1	google.fr www.google.fr — Cisco Umbrella Rank: 12911	501 B
1	static.dating static.dating — Cisco Umbrella Rank: 388565	180 KB
1	cdnware.io landers.cdnware.io — Cisco Umbrella Rank: 391715	100 KB
1	allpartnerdata.com 1 redirects track.allpartnerdata.com	2 KB
1	g2afse.com 1 redirects leadshark.g2afse.com	273 B
1	gosktrack.com 1 redirects click.gosktrack.com	111 B
1	googleoffer.xyz 1 redirects anik2.googleoffer.xyz	291 B
42	14

	Domain	Requested by
12	www.confidencesensuelle.com	intoxifly.scaletrk.com www.confidencesensuelle.com
8	api.recueillirleconsentement.com	recueillirleconsentement.com
4	www.google-analytics.com	www.confidencesensuelle.com www.google-analytics.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.confidencesensuelle.com www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	recueillirleconsentement.com	www.confidencesensuelle.com recueillirleconsentement.com
2	intoxifly.scaletrk.com	1 redirects
1	www.google.fr	www.confidencesensuelle.com
1	static.dating	www.confidencesensuelle.com
1	landers.cdnware.io	www.confidencesensuelle.com
1	track.allpartnerdata.com	1 redirects
1	leadshark.g2afse.com	1 redirects
1	click.gosktrack.com	1 redirects
1	anik2.googleoffer.xyz	1 redirects
42	16

This site contains no links.

Subject Issuer	Validity	Valid
scaleo.io Amazon	`2021-09-03` - `2022-10-02`	a year	crt.sh
confidencesensuelle.com R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
recueillirleconsentement.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
landers.cdnware.io GTS CA 1D4	`2021-11-25` - `2022-02-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
static.dating GTS CA 1D4	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
Frame ID: 4AB1DBA8763FA3B11BD30E263A957DBD
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY29uZmlkZW5jZXNlbnN1ZWxsZS5jb206NDQz&hl=fr&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=hgy9o6bxzdzl
Frame ID: 2910787E2BF79CA40CF702EDC7DDC994
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

confidencesensuelle.com

Page URL History Show full URLs

https://anik2.googleoffer.xyz/ HTTP 301
https://click.gosktrack.com/click?pid=100&offer_id=54&sub1=mahi HTTP 302
https://leadshark.g2afse.com/click?pid=6&offer_id=29 HTTP 302
https://intoxifly.scaletrk.com/click?a=24&o=175&sub_id1=LS HTTP 302
https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart Page URL
https://track.allpartnerdata.com/aff_c?offer_id=4313&aff_id=2578&url_id=46757&aff_click_id=04528786705295d7b6... HTTP 302
https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

42
Requests

100 %
HTTPS

43 %
IPv6

14
Domains

16
Subdomains

11
IPs

6
Countries

1047 kB
Transfer

1886 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://anik2.googleoffer.xyz/ HTTP 301
https://click.gosktrack.com/click?pid=100&offer_id=54&sub1=mahi HTTP 302
https://leadshark.g2afse.com/click?pid=6&offer_id=29 HTTP 302
https://intoxifly.scaletrk.com/click?a=24&o=175&sub_id1=LS HTTP 302
https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart Page URL
https://track.allpartnerdata.com/aff_c?offer_id=4313&aff_id=2578&url_id=46757&aff_click_id=04528786705295d7b6ac1fd19f7d3883&aff_sub=3 HTTP 302
https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://anik2.googleoffer.xyz/ HTTP 301
https://click.gosktrack.com/click?pid=100&offer_id=54&sub1=mahi HTTP 302
https://leadshark.g2afse.com/click?pid=6&offer_id=29 HTTP 302
https://intoxifly.scaletrk.com/click?a=24&o=175&sub_id1=LS HTTP 302
https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
intoxifly.scaletrk.com/
Redirect Chain

https://anik2.googleoffer.xyz/
https://click.gosktrack.com/click?pid=100&offer_id=54&sub1=mahi
https://leadshark.g2afse.com/click?pid=6&offer_id=29
https://intoxifly.scaletrk.com/click?a=24&o=175&sub_id1=LS
https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart

943 B
1 KB

231ms
230ms

Document
text/html

18.185.201.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.201.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-201-184.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.0 / PHP/7.4.21
Resource Hash: 1a74918340b1d04270ab30d4c7f8ea0e7a1c941f455031258aa5d75ffcc0a598

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Tue, 18 Jan 2022 04:43:15 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache

Redirect headers

date: Tue, 18 Jan 2022 04:43:14 GMT
content-type: text/html; charset=UTF-8
location: https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart
server: nginx/1.20.0
x-powered-by: PHP/7.4.21

GET
H2

200

Primary Request landing64 Show response
www.confidencesensuelle.com/
Redirect Chain

https://track.allpartnerdata.com/aff_c?offer_id=4313&aff_id=2578&url_id=46757&aff_click_id=04528786705295d7b6ac1fd19f7d3883&aff_sub=3
https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

18 KB
4 KB

237ms
156ms

Document
text/html

34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Requested by

Host: intoxifly.scaletrk.com
URL: https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

bfda9860e67d461b989291c5ae6bc6f253ca1267f28afc8cb5f6d59050eafcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://intoxifly.scaletrk.com/click?a=3&s=2&sub_id1=smart

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 18 Jan 2022 04:43:15 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: confidencesensuelle.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 50630482
age: 0
x-cache: MISS
accept-ranges: bytes
via: 1.1 varnish (Varnish/6.0), 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

Redirect headers

Server: nginx
Date: Tue, 18 Jan 2022 04:43:15 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Tracking_id: 102ce75c02bb546a3323a8bbe29959
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 2e9ee2adcaa9c824b1ee33203ef0f72d
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 landing064.css
www.confidencesensuelle.com/landers/css/ 20 KB
4 KB 324ms
322ms Stylesheet
text/css 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencesensuelle.com/landers/css/landing064.css

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

62673fb674b931ab6921e8893e85360b350beabdbf6b8de63812fd645c1b6dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.34
x-cache: MISS
x-host: confidencesensuelle.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 49377938
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 pornhub.css
www.confidencesensuelle.com/landers/css/theme/ 12 KB
2 KB 37ms
36ms Stylesheet
text/css 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencesensuelle.com/landers/css/theme/pornhub.css

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

46370482887b0bf6f55b26fe40f2b500d2e7e22478eb9662b90fec9fb5d4a64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.34
x-cache: HIT
x-host: confidencesensuelle.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2106
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 49569498 50086084
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 fontawesome-all.min.css
www.confidencesensuelle.com/landers/css/ 50 KB
11 KB 58ms
58ms Stylesheet
text/css 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencesensuelle.com/landers/css/fontawesome-all.min.css

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10650
last-modified: Mon, 10 Jan 2022 14:00:54 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61dc3c16-c970"
strict-transport-security: max-age=63072000;
x-varnish: 50630484 49504587
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
1 KB 94ms
34ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff1730d70802e56f77594cfc235cd0918648889f1038ee447626acd97acb2f4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Tue, 18 Jan 2022 04:43:15 GMT

GET
H2 200 logo.png
www.confidencesensuelle.com/img/ 16 KB
16 KB 24ms
24ms Image
image/png 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencesensuelle.com/img/logo.png

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ce978525dffb5587b599235a5967dbc7e8301731e3194551cf7ab48a827567d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Jan 2022 13:29:16 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4057-5d5c723992300"
vary: X-Forwarded-Proto,Host
content-type: image/png
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 16471
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 loading.gif
www.confidencesensuelle.com/landers/images/loader/ 3 KB
3 KB 36ms
35ms Image
image/gif 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencesensuelle.com/landers/images/loader/loading.gif

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:15 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2892
last-modified: Mon, 10 Jan 2022 14:00:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "61dc3c17-b4c"
strict-transport-security: max-age=63072000;
x-varnish: 49962058 46621927
cache-control: max-age=300
accept-ranges: bytes
content-type: image/gif

GET
H2 200 vegas.min.css
www.confidencesensuelle.com/landers/css/ 12 KB
2 KB 35ms
35ms Stylesheet
text/css 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencesensuelle.com/landers/css/vegas.min.css

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
last-modified: Mon, 10 Jan 2022 14:00:54 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61dc3c16-2e20"
strict-transport-security: max-age=63072000;
x-varnish: 50032845 50201563
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css

GET
H2 200 vendor.js Show response
www.confidencesensuelle.com/landers/js/ 121 KB
43 KB 38ms
38ms Script
application/javascript 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencesensuelle.com/landers/js/vendor.js

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

92b8884c1233e6be825c4cace16a633bae753456d20569f00f5ddabb9cc44f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43541
last-modified: Mon, 10 Jan 2022 14:01:03 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61dc3c1f-1e2ae"
strict-transport-security: max-age=63072000;
x-varnish: 50630488 49605169
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ 355 KB
140 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3691e4f624d18be55dd5cc04dc7bee4c1c0d283fe3139084c6b7fb9694ead7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.confidencesensuelle.com/
Origin: https://www.confidencesensuelle.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142945
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 08:35:21 GMT

GET
H2 200 cc.js Show response
recueillirleconsentement.com/ 117 KB
14 KB 172ms
83ms Script
application/javascript 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=confidencesensuelle.com&languageCode=fr&languageTerritory=FR&sessionId=8e06d49177c4454ab7050d062ca4ff0a

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

135e3ccef37cf6b22a5b0ba88508f088d8a00a7d34c33c909a11004d910fba2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/javascript
vary: Accept-Encoding
content-length: 14070

GET
H2 200 landing064.js Show response
www.confidencesensuelle.com/landers/js/ 69 KB
19 KB 40ms
39ms Script
application/javascript 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencesensuelle.com/landers/js/landing064.js

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9198b72587bf1894d3fdf8dd3bf49f93a7f01b784197aecfda959b9baea16ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19211
last-modified: Mon, 10 Jan 2022 14:01:03 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61dc3c1f-113ca"
strict-transport-security: max-age=63072000;
x-varnish: 49769391
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 media-registry.js Show response
landers.cdnware.io/ 99 KB
100 KB 76ms
19ms Script
application/javascript 35.227.234.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://landers.cdnware.io/media-registry.js
Requested by: Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.234.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.234.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2f51b86ae1aa35704f12cc5ef0a0f5e0f88203c434fc230da0ce826e38b3701

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 03:48:38 GMT
age: 3278
x-guploader-uploadid: ADPycdtCvfFCth9uCyKtsDRq-crHX129J6V7v0LvRuowxGXKGfjAXWG9BYCI8L9y32Oja6c5R9cznuQTqpzD7lmvu1QQvgzvrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101611
last-modified: Mon, 10 Jan 2022 14:02:12 GMT
server: UploadServer
etag: "68058b47bc991e9b5dbf7ced37851f3e"
x-goog-hash: crc32c=SKsGHw==, md5=aAWLR7yZHptdv3ztN4UfPg==
x-goog-generation: 1641823331963287
cache-control: public, max-age=3600
x-goog-stored-content-length: 101611
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jan 2022 04:48:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 113ms
52ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landers/js/landing064.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6130
date: Tue, 18 Jan 2022 03:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 18 Jan 2022 05:01:06 GMT

GET
H2 200 fr-fr2.json Show response
static.dating/lander/translations/ 179 KB
180 KB 123ms
48ms XHR
application/octet-stream 35.227.221.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dating/lander/translations/fr-fr2.json
Requested by: Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landers/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.221.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.221.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 33be80683c63e28f6e200c01a15e44d047fa932a8e585eeb073d7d17d9dbcb06

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 03:49:24 GMT
age: 3232
x-guploader-uploadid: ADPycdsLz0cVEZ5oMNJVAcKKsq9YCYLq8TWmXGByvQvFgU65KxDF7T7xsPCfCJc7409kWlaTiIrRQZWVQrYXUySuFpg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 183319
last-modified: Mon, 29 Nov 2021 11:33:10 GMT
server: UploadServer
etag: "a404e7caa9fc140fda8206f8247ba4a7"
x-goog-hash: crc32c=K/tBgg==, md5=pATnyqn8FA/aggb4JHukpw==
x-goog-generation: 1638185590345529
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 183319
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 18 Jan 2022 04:49:24 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 2910 39 KB
21 KB 64ms
64ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY29uZmlkZW5jZXNlbnN1ZWxsZS5jb206NDQz&hl=fr&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=hgy9o6bxzdzl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6510235a66f3fe165ab7bcd8c4df893d733cae1266bbcf96ec13db347ff1ea3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4d7AaZ/OsBw9T8XE6WWaaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Jan 2022 04:43:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-4d7AaZ/OsBw9T8XE6WWaaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 67ms
32ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=921663874&t=pageview&_s=1&dl=https%3A%2F%2Fwww.confidencesensuelle.com%2Flanding64%3Fcat%3Ddefault%26pt1%3D102ce75c02bb546a3323a8bbe29959%26pi%3D2578%26pe%3D3&ul=en-us&de=UTF-8&dt=confidencesensuelle.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABEAAAAC~&jid=743740732&gjid=71865662&cid=2041443903.1642480996&tid=UA-132064855-2&_gid=236522229.1642480996&_r=1&_slc=1&z=1458589710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 04:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.confidencesensuelle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 63ms
32ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=921663874&t=pageview&_s=1&dl=https%3A%2F%2Fwww.confidencesensuelle.com%2Flanding64%3Fcat%3Ddefault%26pt1%3D102ce75c02bb546a3323a8bbe29959%26pi%3D2578%26pe%3D3&ul=en-us&de=UTF-8&dt=confidencesensuelle.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=1878285512&gjid=185135035&cid=2041443903.1642480996&tid=UA-132064855-5&_gid=236522229.1642480996&_r=1&_slc=1&z=1872725892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 04:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.confidencesensuelle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 60ms
33ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=921663874&t=pageview&_s=1&dl=https%3A%2F%2Fwww.confidencesensuelle.com%2Flanding64%3Fcat%3Ddefault%26pt1%3D102ce75c02bb546a3323a8bbe29959%26pi%3D2578%26pe%3D3&ul=en-us&de=UTF-8&dt=confidencesensuelle.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=1306791073&gjid=1449640185&cid=2041443903.1642480996&tid=UA-131056979-4&_gid=236522229.1642480996&_r=1&_slc=1&z=1269224516

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 04:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.confidencesensuelle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 2910 51 KB
24 KB 57ms
25ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY29uZmlkZW5jZXNlbnN1ZWxsZS5jb206NDQz&hl=fr&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=hgy9o6bxzdzl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 16:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 16:59:00 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 2910 355 KB
140 KB 69ms
37ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__fr.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3691e4f624d18be55dd5cc04dc7bee4c1c0d283fe3139084c6b7fb9694ead7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142945
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 05:01:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 08:35:21 GMT

GET
H2 200 slide07.jpg
www.confidencesensuelle.com/landers/images/landing064/default/default/ 71 KB
72 KB 37ms
37ms Image
image/jpeg 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencesensuelle.com/landers/images/landing064/default/default/slide07.jpg?geo=fr

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

be7ae60eade4925df1221f8fcf600ff72a9422a76f768cf32da6075431858eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72880
last-modified: Mon, 10 Jan 2022 14:00:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "61dc3c17-11cb0"
strict-transport-security: max-age=63072000;
x-varnish: 50501401
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
447 B 69ms
23ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132064855-2&cid=2041443903.1642480996&jid=743740732&gjid=71865662&_gid=236522229.1642480996&_u=KEBAAEAAEAAAAC~&z=855110453

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 18 Jan 2022 04:43:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.confidencesensuelle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 69ms
24ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132064855-5&cid=2041443903.1642480996&jid=1878285512&gjid=185135035&_gid=236522229.1642480996&_u=KEDAAEABEAAAAC~&z=2050264381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 18 Jan 2022 04:43:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.confidencesensuelle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
36ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-132064855-5&cid=2041443903.1642480996&jid=1878285512&_u=KEDAAEABEAAAAC~&z=1735759916

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 04:43:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 80ms
30ms Image
image/gif 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-132064855-5&cid=2041443903.1642480996&jid=1878285512&_u=KEDAAEABEAAAAC~&z=1735759916

Requested by

Host: www.confidencesensuelle.com
URL: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 04:43:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2910 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 524266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 19 Jan 2022 03:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2910 15 KB
16 KB 85ms
26ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 560195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2910 15 KB
15 KB 92ms
33ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 570322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 2910 102 B
134 B 33ms
33ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=fr&v=TDBxTlSsKAUm3tSIa0fwIqNu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22c6a59600c15f0f2a16b9a23f0a7820c9d359ae5613902ace6b9ec0d9c057f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY29uZmlkZW5jZXNlbnN1ZWxsZS5jb206NDQz&hl=fr&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=hgy9o6bxzdzl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 18 Jan 2022 04:43:16 GMT

GET
H2 200 cc.css
recueillirleconsentement.com/ 24 KB
4 KB 24ms
24ms Stylesheet
text/css 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recueillirleconsentement.com/cc.css

Requested by

Host: recueillirleconsentement.com
URL: https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=confidencesensuelle.com&languageCode=fr&languageTerritory=FR&sessionId=8e06d49177c4454ab7050d062ca4ff0a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6073-5b1b123761e40-gzip"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 3892

POST
H2 200 collector Show response
api.recueillirleconsentement.com/consent/ 4 KB
5 KB 49ms
48ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/collector

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9236a8e743996f0ebc8cc5eea0e1b1ec28db4455080e57625dbd1d4458e5b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
content-length: 4414

OPTIONS
H2 200 collector
api.recueillirleconsentement.com/consent/ Frame 0
0 143ms
28ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/collector

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.confidencesensuelle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 18 Jan 2022 04:43:16 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

OPTIONS
H2 200 loadSegment
api.recueillirleconsentement.com/consent/ Frame 0
0 27ms
27ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/loadSegment

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.confidencesensuelle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 18 Jan 2022 04:43:16 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 loadSegment Show response
api.recueillirleconsentement.com/consent/ 367 B
586 B 30ms
29ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

559e62a076a110ae71f6742f2b89a4610ba160b905bf2f577e3125fc0c5aece2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jan 2022 04:43:16 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
content-length: 367

POST
H2 200 loadSegment Show response
api.recueillirleconsentement.com/consent/ 1003 B
1 KB 31ms
30ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2a1e15cc8fdbe5496400fe90ba44e4781dc022d181c816573ff43a1fd7f4eb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jan 2022 04:43:17 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
content-length: 1003

OPTIONS
H2 200 loadSegment
api.recueillirleconsentement.com/consent/ Frame 0
0 27ms
26ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/loadSegment

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.confidencesensuelle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 18 Jan 2022 04:43:17 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

OPTIONS
H2 200 confirmExplicit
api.recueillirleconsentement.com/consent/ Frame 0
0 28ms
27ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/confirmExplicit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.confidencesensuelle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 18 Jan 2022 04:43:17 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 confirmExplicit Show response
api.recueillirleconsentement.com/consent/ 0
217 B 44ms
44ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recueillirleconsentement.com/consent/confirmExplicit

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.confidencesensuelle.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jan 2022 04:43:17 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.confidencesensuelle.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 slide08.jpg
www.confidencesensuelle.com/landers/images/landing064/default/default/ 82 KB
82 KB 42ms
41ms Image
image/jpeg 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencesensuelle.com/landers/images/landing064/default/default/slide08.jpg?geo=fr

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b08182797320e2713957deaaf568f27cf45f64d705e7290391147ee4194c9e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:21 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83719
last-modified: Mon, 10 Jan 2022 14:00:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "61dc3c17-14707"
strict-transport-security: max-age=63072000;
x-varnish: 50248143
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 slide09.jpg
www.confidencesensuelle.com/landers/images/landing064/default/default/ 103 KB
103 KB 39ms
38ms Image
image/jpeg 34.77.70.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencesensuelle.com/landers/images/landing064/default/default/slide09.jpg?geo=fr

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.77.70.222 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

222.70.77.34.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9039dd122fd8e9e78a50e7e0c7017612d49a202b5ea0848e54af74cbe88c2734

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencesensuelle.com/landing64?cat=default&pt1=102ce75c02bb546a3323a8bbe29959&pi=2578&pe=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 04:43:26 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105354
last-modified: Mon, 10 Jan 2022 14:00:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "61dc3c17-19b8a"
strict-transport-security: max-age=63072000;
x-varnish: 49769448
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
leadshark.g2afse.com/	1970-01-20 09:00:16	Name: afclick Value: 61e64562690a5500010d9e8f
leadshark.g2afse.com/	1970-01-20 09:00:16	Name: afoffers Value: {"29":1642480994}
intoxifly.scaletrk.com/	1970-01-20 00:57:52	Name: U-82161242827b703e6acf9c726942a1e4 Value: unique
intoxifly.scaletrk.com/	1970-01-20 00:57:52	Name: U-cfcd208495d565ef66e7dff9f98764da Value: unique
intoxifly.scaletrk.com/	1970-01-20 00:24:45	Name: o_5f93f983524def3dca464469d2cf9f3e Value: 6141f78e-4d00-4a0e-9afb-6ec40e0187a0
intoxifly.scaletrk.com/	1969-12-31 23:59:59	Name: advanced-core Value: t9rrrnqvkdniifu8f0b8mr12fr
track.allpartnerdata.com/	1970-01-20 00:16:07	Name: aff_ran_url_4313 Value: 46757
track.allpartnerdata.com/	1970-01-20 00:59:19	Name: enc_aff_session_4313 Value: ENC0359d0d67e5e347c722290b386033760b0f84b33b2f16973915b9ab8d5b136991949b8aa316cf639406687070d078f7dedc4cec4e2d3f4e73be3cda2d03d55645108bea7b7e7defb19ef001a3d756ea4de9b95c796ec46e23188cb5c36a8c59e67a1b4c540ecdd5539d78f4a80e766f099e196acd649a2a67335a5e1c7dd1ab5cc8d0f7a58e9dcfe73316240f6a6f4bf629b958d0c4105060f87cde8a87d70a2f11fc17c39
track.allpartnerdata.com/	1970-01-21 01:40:16	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImZyLUZSLGZyO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
.confidencesensuelle.com/	1970-01-20 17:45:52	Name: _ga Value: GA1.2.2041443903.1642480996
.confidencesensuelle.com/	1970-01-20 00:16:07	Name: _gid Value: GA1.2.236522229.1642480996
.confidencesensuelle.com/	1970-01-20 00:14:41	Name: _gat_a Value: 1
.confidencesensuelle.com/	1970-01-20 00:14:41	Name: _gat_b Value: 1
.confidencesensuelle.com/	1970-01-20 00:14:41	Name: _gat_c Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anik2.googleoffer.xyz
api.recueillirleconsentement.com
click.gosktrack.com
fonts.gstatic.com
intoxifly.scaletrk.com
landers.cdnware.io
leadshark.g2afse.com
recueillirleconsentement.com
static.dating
stats.g.doubleclick.net
track.allpartnerdata.com
www.confidencesensuelle.com
www.google-analytics.com
www.google.com
www.google.fr
www.gstatic.com
18.185.201.184
212.32.250.10
2a00:1450:4001:808::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9b
2a00:1450:400e:810::2003
34.77.70.222
35.195.163.35
35.227.221.175
35.227.234.99
52.209.211.100
62.210.142.141
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
135e3ccef37cf6b22a5b0ba88508f088d8a00a7d34c33c909a11004d910fba2b
1a74918340b1d04270ab30d4c7f8ea0e7a1c941f455031258aa5d75ffcc0a598
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
22c6a59600c15f0f2a16b9a23f0a7820c9d359ae5613902ace6b9ec0d9c057f8
2a1e15cc8fdbe5496400fe90ba44e4781dc022d181c816573ff43a1fd7f4eb86
33be80683c63e28f6e200c01a15e44d047fa932a8e585eeb073d7d17d9dbcb06
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46370482887b0bf6f55b26fe40f2b500d2e7e22478eb9662b90fec9fb5d4a64e
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
559e62a076a110ae71f6742f2b89a4610ba160b905bf2f577e3125fc0c5aece2
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e3691e4f624d18be55dd5cc04dc7bee4c1c0d283fe3139084c6b7fb9694ead7
62673fb674b931ab6921e8893e85360b350beabdbf6b8de63812fd645c1b6dfc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9039dd122fd8e9e78a50e7e0c7017612d49a202b5ea0848e54af74cbe88c2734
9198b72587bf1894d3fdf8dd3bf49f93a7f01b784197aecfda959b9baea16ecb
9236a8e743996f0ebc8cc5eea0e1b1ec28db4455080e57625dbd1d4458e5b345
92b8884c1233e6be825c4cace16a633bae753456d20569f00f5ddabb9cc44f62
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08182797320e2713957deaaf568f27cf45f64d705e7290391147ee4194c9e66
b2f51b86ae1aa35704f12cc5ef0a0f5e0f88203c434fc230da0ce826e38b3701
be7ae60eade4925df1221f8fcf600ff72a9422a76f768cf32da6075431858eaf
bfda9860e67d461b989291c5ae6bc6f253ca1267f28afc8cb5f6d59050eafcfd
ce978525dffb5587b599235a5967dbc7e8301731e3194551cf7ab48a827567d1
d6510235a66f3fe165ab7bcd8c4df893d733cae1266bbcf96ec13db347ff1ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
ff1730d70802e56f77594cfc235cd0918648889f1038ee447626acd97acb2f4e

www.confidencesensuelle.com Open in urlscan Pro 34.77.70.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

43 %IPv6

14 Domains

16 Subdomains

11 IPs

6 Countries

1047 kBTransfer

1886 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.confidencesensuelle.com Open in urlscan Pro
34.77.70.222 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

43 %
IPv6

14
Domains

16
Subdomains

11
IPs

6
Countries

1047 kB
Transfer

1886 kB
Size

14
Cookies

42 HTTP transactions
0 data transactions