ch-rambouillet.mstaff.co Open in urlscan Pro
18.66.147.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ch-rambouillet.mstaff.co/
Effective URL:
https://ch-rambouillet.mstaff.co/v1
Submission: On December 06 via api (December 6th 2023, 7:14:13 pm UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 24 domains to perform 132 HTTP transactions. The main IP is 18.66.147.92, located in United States and belongs to AMAZON-02, US. The main domain is ch-rambouillet.mstaff.co.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 17th 2023. Valid for: a year.

This is the only time ch-rambouillet.mstaff.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.66.147.49 18.66.147.49	16509 (AMAZON-02) (AMAZON-02)
1 32	18.66.147.92 18.66.147.92	16509 (AMAZON-02) (AMAZON-02)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
4	35.180.145.57 35.180.145.57	16509 (AMAZON-02) (AMAZON-02)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211a:3200:1c:f638:2940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.126.197.23 3.126.197.23	16509 (AMAZON-02) (AMAZON-02)
12	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
5	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.95 13.32.99.95	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:5a00:19:61a3:b200:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6812:324	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
6	15.188.160.118 15.188.160.118	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700::68... 2606:4700::6812:313	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	54.220.137.141 54.220.137.141	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
132	35

1 18.66.147.49 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net

ch-rambouillet.mstaff.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.66.147.92 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-92.fra60.r.cloudfront.net

ch-rambouillet.mstaff.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.180.145.57 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com

stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:3200:1c:f638:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.197.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-197-23.eu-central-1.compute.amazonaws.com

api.mstaff.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

hublohelp.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-95.fra60.r.cloudfront.net

s.stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:5a00:19:61a3:b200:93a1 (United States)

ASN16509 (AMAZON-02, US)

client.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:324 (United States)

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.188.160.118 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-160-118.eu-west-3.compute.amazonaws.com

api.stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:313 (United States)

ASN13335 (CLOUDFLARENET, US)

app.satismeter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.220.137.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-137-141.eu-west-1.compute.amazonaws.com

in.eu2.segmentapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

axeptio.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	mstaff.co 2 redirects ch-rambouillet.mstaff.co api.mstaff.co	4 MB
12	segment.com cdn.segment.com — Cisco Umbrella Rank: 1681	129 KB
11	stonly.com stonly.com — Cisco Umbrella Rank: 32393 s.stonly.com — Cisco Umbrella Rank: 53627 api.stonly.com — Cisco Umbrella Rank: 34716	130 KB
9	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 24937	712 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	1003 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2043 ekr.zdassets.com — Cisco Umbrella Rank: 2264	214 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
5	satismeter.com app.satismeter.com — Cisco Umbrella Rank: 23593	38 KB
5	zendesk.com hublohelp.zendesk.com	1 KB
4	segmentapis.com in.eu2.segmentapis.com — Cisco Umbrella Rank: 30593	1 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	40 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	338 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	imgix.net axeptio.imgix.net — Cisco Umbrella Rank: 78529	43 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	1 KB
3	axept.io static.axept.io — Cisco Umbrella Rank: 54203 client.axept.io — Cisco Umbrella Rank: 56715	193 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	13 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	4 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 452	11 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
132	24

	Domain	Requested by
33	ch-rambouillet.mstaff.co	2 redirects ch-rambouillet.mstaff.co
12	cdn.segment.com	ch-rambouillet.mstaff.co cdn.segment.com
9	imagedelivery.net	ch-rambouillet.mstaff.co
8	www.youtube.com	ch-rambouillet.mstaff.co www.youtube.com
7	static.zdassets.com	ch-rambouillet.mstaff.co static.zdassets.com
6	api.stonly.com	stonly.com
5	app.satismeter.com	cdn.segment.com app.satismeter.com
5	hublohelp.zendesk.com	static.zdassets.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	in.eu2.segmentapis.com	cdn.segment.com
4	jnn-pa.googleapis.com	www.youtube.com
4	www.googletagmanager.com	cdn.segment.com www.googletagmanager.com
4	stonly.com	ch-rambouillet.mstaff.co stonly.com
3	axeptio.imgix.net	ch-rambouillet.mstaff.co
3	region1.google-analytics.com	www.googletagmanager.com
3	api.mstaff.co	ch-rambouillet.mstaff.co
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	snap.licdn.com	cdn.segment.com snap.licdn.com
2	fonts.gstatic.com	www.youtube.com
2	client.axept.io	static.axept.io
1	px4.ads.linkedin.com	ch-rambouillet.mstaff.co
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	static.hotjar.com	cdn.segment.com
1	play-lh.googleusercontent.com	ch-rambouillet.mstaff.co
1	s.stonly.com	stonly.com
1	static.axept.io	ch-rambouillet.mstaff.co
1	ekr.zdassets.com	static.zdassets.com
1	code.jquery.com	ch-rambouillet.mstaff.co
132	35

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.bienici.com
www.rambouillet.fr
www.iledefrance.fr
www.ch-rambouillet.fr
m.facebook.com
twitter.com
fr.linkedin.com
axept.io

Subject Issuer	Validity	Valid
mstaff.co Amazon RSA 2048 M02	`2023-06-17` - `2024-07-16`	a year	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
stonly.com R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
static.axeptio.eu Amazon RSA 2048 M02	`2023-06-19` - `2024-07-17`	a year	crt.sh
api.mstaff.co R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
hublohelp.zendesk.com Cloudflare Inc ECC CA-3	`2023-08-25` - `2024-08-24`	a year	crt.sh
client.axept.io Amazon RSA 2048 M01	`2023-08-03` - `2024-08-31`	a year	crt.sh
imagedelivery.net Cloudflare Inc ECC CA-3	`2023-05-29` - `2024-05-28`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
satismeter.com Cloudflare Inc ECC CA-3	`2023-06-17` - `2024-06-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
in.eu2.segmentapis.com Amazon RSA 2048 M03	`2023-10-14` - `2024-11-11`	a year	crt.sh
*.imgix.net Certainly Intermediate R1	`2023-12-01` - `2023-12-31`	a month	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://ch-rambouillet.mstaff.co/v1
Frame ID: 1B3481BC69CF993DE06C6E694C76B47C
Requests: 96 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Frame ID: B6AF76EE41B089495DFC54F269AA620A
Requests: 9 HTTP requests in this frame

Frame: https://s.stonly.com/stonly-stat-id.html?widgetId=952da2cb-81ea-11ea-ad85-06f7e2c08348&v=1.5
Frame ID: E73C16B7A0FE0B7334A8907090EFD06B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
Frame ID: C5F123863704EEB1ADDF5E72934A4373
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mstaff

Page URL History Show full URLs

http://ch-rambouillet.mstaff.co/ HTTP 301
https://ch-rambouillet.mstaff.co/ HTTP 302
https://ch-rambouillet.mstaff.co/v1 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

132
Requests

98 %
HTTPS

60 %
IPv6

24
Domains

35
Subdomains

35
IPs

5
Countries

7277 kB
Transfer

12319 kB
Size

29
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/dir//5%20Rue%20Pierre%20et%20Marie%20Curie,%2078120%20Rambouillet,%20France
Title: Comment m'y rendre

Search URL Search Domain Scan URL

URL: https://www.bienici.com/recherche/location/78120
Title: Me loger

Search URL Search Domain Scan URL

URL: https://www.rambouillet.fr/
Title: Site de la ville

Search URL Search Domain Scan URL

URL: https://www.iledefrance.fr/
Title: Site de la région

Search URL Search Domain Scan URL

URL: http://www.ch-rambouillet.fr/
Title: Site de l'établissement

Search URL Search Domain Scan URL

URL: https://m.facebook.com/people/Centre-Hospitalier-de-Rambouillet/100070146257249/

Search URL Search Domain Scan URL

URL: https://twitter.com/HRambouillet

Search URL Search Domain Scan URL

URL: https://fr.linkedin.com/company/centre-hospitalier-de-rambouillet

Search URL Search Domain Scan URL

URL: https://axept.io/get-widget?utm_source=ch-rambouillet.mstaff.co&utm_medium=widget
Title: Découvrez Axeptio

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ch-rambouillet.mstaff.co/ HTTP 301
https://ch-rambouillet.mstaff.co/ HTTP 302
https://ch-rambouillet.mstaff.co/v1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 110

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D523233%26time%3D1701890045307%26url%3Dhttps%253A%252F%252Fch-rambouillet.mstaff.co%252Fv1%252Ftab%252Fabout%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true&liSync=true&e_ipv6=AQLPUxwOwm96dQAAAYxAjTkqR_KgCdVpUNCn21BKHB9-TpNy1bYWIMVC7C82Bzbh77SgeGSysauieA

132 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request v1 Show response
ch-rambouillet.mstaff.co/
Redirect Chain

http://ch-rambouillet.mstaff.co/
https://ch-rambouillet.mstaff.co/
https://ch-rambouillet.mstaff.co/v1

2 KB
2 KB

76ms
68ms

Document
text/html

18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: bc405a7e06498e5d7799f25c6950dcba4eb44b067fa0edf98c4c8640eab35ce7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2013
content-type: text/html
date: Wed, 06 Dec 2023 19:14:00 GMT
etag: "656daad4-7dd"
last-modified: Mon, 04 Dec 2023 10:32:52 GMT
server: nginx/1.24.0
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-id: UJRhKhU9RLQYFtvLszZifc3ysu0RJfyc0aSeyPPiz_rmweZpZ16ZHQ==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 19:13:59 GMT
location: https://ch-rambouillet.mstaff.co/v1
server: nginx/1.24.0
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-id: b3Lyk-XOH1AlesRSnF0-MnzJBrYH0TbWf8X0X_YlLFvTA21hTActyw==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

GET
H3 200 all.min.css
ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/ 170 KB
171 KB 209ms
207ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/all.min.css
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:51 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad3-2a8fd"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 174333
x-amz-cf-id: 6Ut90V_kNmmDHdCDNUrULzD3bVGAI6wmPHyM4QYzED4YnbOdnkr5Lg==

GET
H3 200 app-load.css
ch-rambouillet.mstaff.co/assets/css/ 2 KB
2 KB 109ms
104ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/assets/css/app-load.css
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 7111ad1a8a18da8f91bf680d6143aafa7b82b8ea51af388d1f4a279e978b33bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-7ef"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2031
x-amz-cf-id: F-cTIhl1VjG5N-ApHuLO_2OOIAIUV1x0IcwBqtD7KyapkcMZ_c1MCQ==

GET
H3 200 stonly.js Show response
ch-rambouillet.mstaff.co/assets/js/ 565 B
823 B 110ms
106ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/assets/js/stonly.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf731e79b55afcc0696a0e8604d8d6107e1a7aefd065ee659f8a1f7b75ffdfd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-235"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 565
x-amz-cf-id: cEGelb06t6pOmkcLPmkAW9lXg-X69OnMI7dqSCB_M3q3YVzhogVUIw==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 314ms
99ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=aa09b07e-b446-459a-9f0b-191509a6aba3

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 51
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB6C4g5%2BJHB491so7huIYapTliKAfElVsqttNZhe2PjkhG7j87q3RvSglcKp6UOZQc0xmMvZTHwMJ3dcenm%2FakI%2BMToLjCr3z6wszbYwk%2F5xje4OfzoLkS78vJvRix%2FIE5WOpOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 8316d96ff9965d48-FRA

GET
H3 200 chunk-vendors.af0944f3.js Show response
ch-rambouillet.mstaff.co/js/ 2 MB
2 MB 207ms
204ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/js/chunk-vendors.af0944f3.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: a2147ace43a26e238de98888bf028931880d4222c3bb98ac45f6b5fb40de476d

Request headers

Referer: https://ch-rambouillet.mstaff.co/v1
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-20983b"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2136123
x-amz-cf-id: ncmGjUTs3UAfzxFAOaQaFI8T6kP7eqFE0VJGi8LT1peeqrFs3yAwCA==

GET
H3 200 app.0826d55d.js Show response
ch-rambouillet.mstaff.co/js/ 150 KB
151 KB 104ms
101ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 27ffc62de61ff7d979422452cbd8a821f8ad2c30283409adc217f6d54810a48a

Request headers

Referer: https://ch-rambouillet.mstaff.co/v1
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-2593d"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 153917
x-amz-cf-id: 7EOaOqGJqpSU2qVnQGZo41A0wIlBNBFMvsDQjf5bX4vIQSMFkr5ZdQ==

GET
H3 200 chunk-vendors.b27a9cdc.css
ch-rambouillet.mstaff.co/css/ 266 KB
266 KB 309ms
306ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/css/chunk-vendors.b27a9cdc.css
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: ad31d8541aaf027a28bd2dc74418c2a77d8e08297e9f103b03ba000369c551fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-42713"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 272147
x-amz-cf-id: GG0DCBsehKSnbu4i_rAS03YGR-ifLKkZLSsAFTIIWy4NvJ7UuxS7Sw==

GET
H3 200 app.9d28d42e.css
ch-rambouillet.mstaff.co/css/ 3 KB
3 KB 311ms
309ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/css/app.9d28d42e.css
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 5b28e70f4d3c1449fbb07e1b9513d36a7bbdc93724a8b711cbabe235ee029db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-c89"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3209
x-amz-cf-id: KIfOvDSg4osyEwi66-s_fakCryk5gTpjlngXCjaydO5yY0DArZ7EoQ==

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 307ms
99ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://ch-rambouillet.mstaff.co/
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7087841
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-eddf8230021-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701890040.313437,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 454, 44763

GET
H3 200 axeptio.js Show response
ch-rambouillet.mstaff.co/assets/js/ 296 B
554 B 309ms
307ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/assets/js/axeptio.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 3625837ba0ec6afc27987153c22f903e12c7d2e53734ef0c7c1f3ed77eebe6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:00 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-128"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 296
x-amz-cf-id: 4PtfaDi-U0KyAq_vpeYyOHfB8RxeyuerwAAVVX39wckOaOKJrgdMlQ==

GET
H/1.1 200
OK version Show response
stonly.com/js/widget/v2/ 8 B
347 B 1164ms
864ms XHR
application/octet-stream 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stonly.com/js/widget/v2/version?v=1701890040698
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/assets/js/stonly.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 5f8f5e0e437dfa4d9a50b7fe05ad5e954dd8e37828a72fdd72fb6afe94889aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 19:14:01 GMT
Last-Modified: Wed, 06 Dec 2023 15:20:49 GMT
Server: nginx
ETag: "65709151-8"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 aa09b07e-b446-459a-9f0b-191509a6aba3 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 652ms
352ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/aa09b07e-b446-459a-9f0b-191509a6aba3

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=aa09b07e-b446-459a-9f0b-191509a6aba3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45fa876e9dd650f72347835923d7b536fa95c2e30d394440da070216cd33fc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 830a3158fb95036f-SEA, 830a3158fb95036f-SEA
x-runtime: 0.003705
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"45fa876e9dd650f72347835923d7b536"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4tRLC4IHxFlFS8Uz5Lg4iyW8AafXuPZV%2Bdzd%2B87KuNVtKHJ0PJDyvD9E33OFvQmy8QVzOgJHPzgRcf9wtfedi%2BdGzcsp%2FQlMGkw8%2FkYKdRkM7Gb1nlOzcHvGGc3JI%2F76gQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8316d974498b5c3e-FRA

GET
H2 200 sdk.js Show response
static.axept.io/ 687 KB
179 KB 1546ms
315ms Script
text/javascript 2600:9000:211a:3200:1c:f638:2940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.axept.io/sdk.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/assets/js/axeptio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:3200:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392f8291ca2e722bdbe3b20f02acdd6a721e30c22a74ca7e95aafe935996e8e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 04:30:13 GMT
content-encoding: br
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
last-modified: Wed, 22 Nov 2023 09:29:15 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 53344
x-amz-server-side-encryption: AES256
etag: W/"0db3afd316b8ce997716a7c4f999f612"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cross-origin-resource-policy: cross-origin
x-amz-cf-id: p5StBzTZEv-2S1nRfwyrNp6CLYBHxdKigucM2h6xjAVE043YQkJA_A==

GET
H/1.1 200
OK ch-rambouillet Show response
api.mstaff.co/subdomain/ 816 B
1 KB 377ms
178ms XHR
application/json 3.126.197.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mstaff.co/subdomain/ch-rambouillet?groups=establishment:self,grouping:self,superGrouping:self,Establishment:address,Address:postalCode,Address:formattedAddress,Address:lat,Address:lng,Establishment:banner,Grouping:banner,SuperGrouping:banner,Establishment:logo,Grouping:logo,SuperGrouping:logo

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.126.197.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-197-23.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

613361b7a1e7f16bd956d83bb7f7a25707735b72d50a5a7e4de9493a10f2b51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 19:14:01 GMT
Strict-Transport-Security: max-age=7776000
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ch-rambouillet.mstaff.co
Access-Control-Expose-Headers: link, x-error-client
Cache-Control: no-cache, private
Connection: Keep-Alive
Link: <https://api.mstaff.co/v2/api_documentation?_format=jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Keep-Alive: timeout=5, max=100

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B6AF 435 KB
137 KB 136ms
135ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=aa09b07e-b446-459a-9f0b-191509a6aba3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
x-amz-version-id: RqZIDjLbqQCJse5.5YPoIz6l3bVKH2F9
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FSF5803D2MZ177K
age: 145503
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: s6NVEjlxQ0X409+93Y+AyzPpDVdCnUzkj58R435QREy4lvYOga3kZ8DuxKYs3kScc5mlXhydQ7o=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"531e7cd49856ceac1ab739dee1bd9825"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoZZw8JQKgDY%2FuQZy2BEEjcxZE31XECztEFBCFlFujGkaPAux1qVCAZeexJtQKQ6M0UXPinbfz3W2UE2LyFUTzFkbV15wn1vxHZgD6qJ175SUKSNUPWEWkcpWtsn%2B%2BHzPjNx7bE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8316d977abee5d48-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H3 200 .version Show response
ch-rambouillet.mstaff.co/ 7 B
279 B 163ms
163ms XHR
application/octet-stream 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/.version
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/chunk-vendors.af0944f3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: d017e5e0b1b46d9e85200deb17573d2742de0deb101a7410062c2df8d3a0e138

Request headers

Pragma: no-cache
X-XSRF-TOKEN: eyJpdiI6IkhJV3RhZ2E1aFo2bFF4c0hqeFR6Ymc9PSIsInZhbHVlIjoiZUFWZGtWOEFjR21aTWdMWjBqQVc1K2ExMXZlNDJGcHVUb1FMdFdPZWFqbGpmMkJPaHVkRDFURk5PeUJEbnoyVnRUYWJZUVN4cmwrVjJsVGZJMG5KWHJxSEhTNVZyYmc3Z2FkY1VpVHFhbzVFN0JsVFk5M3hDSkNKcUlPdnNVamIiLCJtYWMiOiI0ZjcyMTZjZjQxNjk5MTUyZmFjM2FhOTMzMmM3Y2U0MjdmZmJiNzQ3MjA2MjRjMjg0YWE4YjQ5YjQ3NWY4YjcwIiwidGFnIjoiIn0=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://ch-rambouillet.mstaff.co/v1
Expires: -1

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-7"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7
x-amz-cf-id: 2JYbHfiL34GldWR8wAfTMwUlSttb2y4Az7PZsQP-opEAVJPN9TkwJA==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/ 108 KB
29 KB 943ms
771ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 982a1fdc4ab4427b67faee8088e70c635cd236d103c5b174493e073c4fc75525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: UWeRQ59qRPfwGIchGpzHAkiaey1TM_tY
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 19:14:03 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 Dec 2023 18:12:04 GMT
server: AmazonS3
etag: W/"5bee4993e2bfe879a248ddbacf51c928"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: jZXN1d3DbauBFiIigcyCrFyRAutcmdFfNg1r6I78TqWj0EOBbNL1EQ==

GET
H3 200 7907.0dd26531.js Show response
ch-rambouillet.mstaff.co/js/ 51 KB
51 KB 160ms
160ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/js/7907.0dd26531.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 018cf75c2022871f96e3faada699b103a3d0460a62fe789252521f2957bf9ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-caeb"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 51947
x-amz-cf-id: KIczJg24ROomtxsa8dCylh1D7z_seJrVmokJAxvAt3YjP244yz9m8Q==

GET
H3 200 9980.20e90297.js Show response
ch-rambouillet.mstaff.co/js/ 70 KB
70 KB 161ms
161ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/js/9980.20e90297.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 1ed82ff9f5ba517016e021993e7a467c5f6845fcb272d3f931fd141ca650b7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-11769"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 71529
x-amz-cf-id: qg04Uy0iX_xj7aBjbJ2XLaT0wtUgr48tCtP5_RlEdcyrvcwyDukqfA==

GET
H3 200 6471.9f99edd5.css
ch-rambouillet.mstaff.co/css/ 4 KB
4 KB 99ms
99ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/css/6471.9f99edd5.css
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 7faea6864c9684f0fc2d2b09c3395816e336ded13fba0e567ad58abffdff1c5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-1094"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4244
x-amz-cf-id: POPf92sGXE7LY6x2g5u-7YG3xc3w2JriQZ5f0bGUE0IrFbAuxmM2DA==

GET
H3 200 6471.9f65c8a9.js Show response
ch-rambouillet.mstaff.co/js/ 15 KB
15 KB 85ms
85ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/js/6471.9f65c8a9.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 367f03c60d0569a5380fd7566c2ae24052f34f7a1cc2f0ea9d54588df56b967e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-3b40"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15168
x-amz-cf-id: NWGCIagCi9VuNRfQOwS6zG1UyTDX0Zr6hXcWmUEliUxjnKW_25R6PA==

GET
H3 200 8561.00e4c5be.css
ch-rambouillet.mstaff.co/css/ 318 KB
318 KB 88ms
88ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/css/8561.00e4c5be.css
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 1b3b8295da7b778d55bc8eac414754e5e84ce7e948d451ecb50fa7487c0853aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-4f800"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 325632
x-amz-cf-id: d8ICejflmEFvklVn_Y6SJBHRUKtDNUjh9eQaGFqyEM1BC0UYTRr-dw==

GET
H3 200 8561.2b45f460.js Show response
ch-rambouillet.mstaff.co/js/ 167 KB
167 KB 98ms
97ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/js/8561.2b45f460.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: c2976f088fd5164361d3442f51e638416b5a89d0a1c4e8c6c37b8cc9ef36a151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:01 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-29af9"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 170745
x-amz-cf-id: sdy-4dBoN33F948qWmLNqumATbfqSFOFrAd2cM57AwcmWaqAh30tgA==

GET
H/1.1 200
OK stonly-widget.js Show response
stonly.com/js/widget/v2/ 39 KB
13 KB 310ms
150ms Script
application/javascript 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=baa0b0ae
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/assets/js/stonly.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 83871cfa6c7734a9fa4c949e70d22cc24d94b1afdff688beedfb731894ab1db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 19:14:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Dec 2023 15:20:49 GMT
Server: nginx
ETag: W/"65709151-9c93"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Expires: Wed, 20 Dec 2023 19:14:02 GMT

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame B6AF 16 KB
3 KB 117ms
115ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
x-amz-version-id: 0TD6PAWfsyxN8kJamulTpqLVZArSSWuB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1TFH680FZ3Z4DS24
age: 145504
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: JHSsTry7Z/BpuQF1mkldGuFNT/W9ZJn3gMDBW6FyAuJMdPusC2xCrRfnoyuU12lb9jMgUYN+ENs=
last-modified: Tue, 05 Dec 2023 00:28:38 GMT
server: cloudflare
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0usIfXiErU8%2BEhi5RZHwLOtEmY%2FAX8UywDWGDe6k2sKwyoUbtWB2JIIJsTx0%2BBtZFXZvyzftWw0MmkdsD1ttP2U9ppXA7%2FrVE1Urkl5%2F0%2FK5jzvTzbo5QWM22kaxCBO%2Fao66rk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8316d97af88f5d48-FRA
expires: Wed, 04 Dec 2024 00:28:37 GMT

GET
H2 200 web-widget-4852-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B6AF 139 KB
47 KB 119ms
118ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
x-amz-version-id: rgQyDw8mO5OrfYenQWJeUHQhMhROhIV.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DGAXRE02KY1AZG7F
age: 145504
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uyEPGfZ39SlZMIpB1RGsAABC8YlXb6fJ5Y+hD9noU94LLvyTvjeH1sbT6B0MvtBxXFM91yytGdwQuVnsmEl0CA==
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g6hxRvvSYZWfXcNA%2B6vbEp7seGj%2BgzyUr1SIJxeI3xpqecnkgUqb1vIOz9DHkiShPnH1VnZocrKHCJa7oE4V7uEK0JtZOdZxqA0hv1HianpC6zambrUIiXC2yAlbQgeTO4UYMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8316d97af8915d48-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-519-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B6AF 24 KB
8 KB 115ms
114ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
x-amz-version-id: GVsqCvOfUiBJYIwZLFLTQX5MyDUCOwc2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS3V2M4QJ2ZK33P
age: 145506
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZcwJ01puBTNkg0AiqHh4Jwsz8eTxW4l9Gmz7kmYejNT5ylWWy39mTLN7KSZvvQMqOIGQL7p8G4s=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLKQbf0oDiAc6ndBRw28s18O4Og2fV6ILKFabeuqv2h3ADeHvu%2FNczWgrcc75767Qr1VG4vHta5Yh6HskPnTlphgqILplkS8JxjSkDZRus%2BiUGzeuIzKZBWAIpgsnwZqV1W%2B4ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8316d97af8945d48-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-5178-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B6AF 24 KB
7 KB 34ms
33ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
x-amz-version-id: NLi469M1WczuGaqZLXtxIgWwTh.1j.zh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DGAQVMQBVP6K8990
age: 145504
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: TK/AZSDN26bqAfNa6WTfvEdxQUX0QJXKYZD1bqO6X5+EK0r7usNnqaMMzwOxY8UhxKY6nt4MQgk=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3R4vfj9OdJQRNeE2Uqe9FK1qahBEPJrxP%2BTO0acCUqEy4vGV7HdbSasDLr52Z6CZxMxHK5C94nmvLv5gTu5tyJLglBgrGSg8mmg9XP1e8TfF1uF81PNsO9rEmQbb6GM%2FE5UVp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8316d97af8975d48-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-9535-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame B6AF 15 KB
6 KB 133ms
133ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
x-amz-version-id: ty1N93CTNGjm.TymHP.kwa5RR_YIsyxf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DGAPYB7RVAW7PJHD
age: 145504
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LC24n1k4UTXrcSOVS+iTkc9O6eEHNgBkRjg38QC4zxrfVph2flnYKtoV/TdQVWhBnH75nffI3kfqzTligwZ0Hg==
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"d46547a6c79c8800ac99ed5408528a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0DRJI0WgqpYnH7wV8wvshgvBhWfKq2f9hezuCTKUg%2BcjXD7mgMsBzX8rGIRDzbI1MqAbRTXYR9ZnDnS2T1lgBV0z7WuVgV%2F39ZX5kPkLOPDJBxYiGJmtRUugqJGTPEjBLxtuAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8316d97af8995d48-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H3 200 Nunito-Regular.6dde4e97.woff2
ch-rambouillet.mstaff.co/fonts/ 43 KB
43 KB 99ms
98ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Nunito-Regular.6dde4e97.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/8561.00e4c5be.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 45ee4fa580cc27997dcb1f20dcbf98bcbcf54c47abe761932f1efdcd46a39c48

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/8561.00e4c5be.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-ac40"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 44096
x-amz-cf-id: r-TPGFcsiXRDI4bbpyb2LHFQZdN-zoYjFrMrPhg_RHjQ-g9UVcEuHg==

GET
H/1.1 200
OK career Show response
api.mstaff.co/establishment/95280/ 19 KB
20 KB 122ms
121ms XHR
application/json 3.126.197.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mstaff.co/establishment/95280/career

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/chunk-vendors.af0944f3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.126.197.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-197-23.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

ed68ee6abed42d31062a10530914a8e4c3f938e55e330fcd8162032d0d1167bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: application/json, text/plain, */*
Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 19:14:02 GMT
Strict-Transport-Security: max-age=7776000
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ch-rambouillet.mstaff.co
Access-Control-Expose-Headers: link, x-error-client
Cache-Control: no-cache, private
Connection: Keep-Alive
Link: <https://api.mstaff.co/v2/api_documentation?_format=jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK 95280 Show response
api.mstaff.co/offer/establishment/ 189 KB
189 KB 411ms
275ms XHR
application/json 3.126.197.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mstaff.co/offer/establishment/95280?currentState=published&groups=offer:establishmentCareer,Offer:image,Offer:descriptionMission,Offer:descriptionEstablishment,Offer:descriptionProfile,Establishment:idhublo&pagination=false

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/chunk-vendors.af0944f3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.126.197.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-197-23.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

58e23d36f503ba60a9874daf132408a8f4693c45ef1ae58b4f1fd7add6e0fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: application/json, text/plain, */*
Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 19:14:02 GMT
Strict-Transport-Security: max-age=7776000
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ch-rambouillet.mstaff.co
Access-Control-Expose-Headers: link, x-error-client
Cache-Control: no-cache, private
Connection: Keep-Alive
Link: <https://api.mstaff.co/v2/api_documentation?_format=jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Keep-Alive: timeout=5, max=100

OPTIONS
H2 204 pv
hublohelp.zendesk.com/frontendevents/ Frame 0
0 327ms
182ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hublohelp.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ch-rambouillet.mstaff.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8316d97ccdfb6977-FRA
date: Wed, 06 Dec 2023 19:14:02 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piSMO4ctaAbyPs9i4rkmX9KKL%2Fgfi4LvYEX2kJB2Ldlklp4WVC65G2OTFMvCQOn3udyzd8d9%2FlNotNWOeVJWNqreCS1kUKCvpyjx9Wq2cfoeA%2FQ1gqxfXtTU1ExpdZz4LT98FnhBDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 8316d97ccdfb6977-FRA
x-zendesk-zorg: yes

POST
H2 200 pv
hublohelp.zendesk.com/frontendevents/ Frame B6AF 0
0 177ms
176ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hublohelp.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzKfpFJGA0HBWkmulO0hebnCTC2WWbD8ySQBsFgd2GeFLZbrFeblm7JUheFsu6bD%2Bi864YIFq573yc3zH1ilAm5HMj%2FISBA0979hBRXJz4iKqbKHlKiNxXPl1S%2BGvOXqGl8iyPOU6w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8316d97def4b6977-FRA
content-length: 0
x-request-id: 8316d97def4b6977-FRA

GET
H2 200 config Show response
hublohelp.zendesk.com/embeddable/ Frame B6AF 835 B
1 KB 326ms
181ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hublohelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f9b68c5305fd99b771611177ea38b822e5e3cffbf040e0488861dc7ff445ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-8694cc55d4-vdrrg
x-cached: MISS
x-request-id: 8316d97cce006977-FRA
x-runtime: 0.002068
last-modified: Wed, 06 Dec 2023 19:07:03 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq91njfldsPk3BQdO8jvt0IUrYJYYinHnZ%2BE3czlTyUMhAj7%2Bp7E3RcRuryIK%2Ffp2lbu5XeGW2MsksjNsm7tYFy1q%2B0caPPnlCe%2Ba6g0WbyH14rc%2Fbd0tjdfN6GbwjEGJX5KRq8h%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8316d97cce006977-FRA

GET
H/1.1 200
OK vendors~widget-6a10b4723bf3a3343a8a.stonly.js Show response
stonly.com/js/widget/v2/ 179 KB
63 KB 120ms
118ms Script
application/javascript 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stonly.com/js/widget/v2/vendors~widget-6a10b4723bf3a3343a8a.stonly.js
Requested by: Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=baa0b0ae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 19:14:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Dec 2023 15:20:49 GMT
Server: nginx
ETag: W/"65709151-2cd57"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Expires: Wed, 20 Dec 2023 19:14:02 GMT

GET
H/1.1 200
OK widget-8d28aabdd00b1b56562e.stonly.js Show response
stonly.com/js/widget/v2/ 169 KB
50 KB 374ms
236ms Script
application/javascript 35.180.145.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Requested by: Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=baa0b0ae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 834178be7531c3671c04ee17ed3d07bbae076250a85a592c479cef06a1c391e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 19:14:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Dec 2023 15:20:49 GMT
Server: nginx
ETag: W/"65709151-2a31c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Expires: Wed, 20 Dec 2023 19:14:02 GMT

GET
H2 200 stonly-stat-id.html Show response
s.stonly.com/ Frame E73C 3 KB
1 KB 1386ms
117ms Document
text/html 13.32.99.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.stonly.com/stonly-stat-id.html?widgetId=952da2cb-81ea-11ea-ad85-06f7e2c08348&v=1.5
Requested by: Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343

Request headers

Referer: https://ch-rambouillet.mstaff.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17012
content-encoding: br
content-type: text/html
date: Wed, 06 Dec 2023 14:30:33 GMT
etag: W/"b714291e1f3178ac2a5d4e3c7974d64b"
last-modified: Tue, 05 Dec 2023 13:40:41 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: DX0uoTwn5P0gn30rtcrZ7OqkU1mNkVyMtkbR49hHUcEYrycpLqxqbQ==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 6081237ae6a57b5400b609f3.json Show response
client.axept.io/ 75 KB
10 KB 432ms
234ms Fetch
application/json 2600:9000:211e:5a00:19:61a3:b200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.axept.io/6081237ae6a57b5400b609f3.json?r=0
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5a00:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19180d5fba36693dcfb946b62024beb2217802fcbe1bc7f84ff4b54c5c084c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:04 GMT
x-amz-version-id: 2OH2Xsm9qtaCu1U2yNImR5Js9QQLhiWn
content-encoding: gzip
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Mon, 02 Oct 2023 19:16:26 GMT
server: AmazonS3
etag: W/"9ae20a5e7ca82fedc601d087003cd76a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 6hdLVuffufNydyrJpbYrJFzLzqEuWgyigtzHl1DlF36ugvBYdunzoQ==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/ 5 KB
2 KB 631ms
459ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c7a5b8ed7cebd4379fb945a0d9468656f082e57ebd42919ba861dffa269eb7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: hJLF.qsdZYKCcotDT7PqARWQ19VI0rAR
content-encoding: br
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 18:51:10 GMT
x-amz-cf-pop: FRA6-C1
age: 2251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 Dec 2023 18:12:05 GMT
server: AmazonS3
etag: W/"433ce5a08e1925979d5d0b097111d9be"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: QFuqajnbHMjaipFqeMFI8Y-96MKUf2Rp81_qGO0k_HYZ958XMk9gRw==

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/0bf48bc1-0d81-4529-277a-d593e25e9100/ 207 KB
208 KB 365ms
93ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/0bf48bc1-0d81-4529-277a-d593e25e9100/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13cb9a35084f62acfa468cbd2cd73ffe185af7d701d698ede44f585395731f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=577+154 c=0+0 v=2023.9.8 l=212397
date: Wed, 06 Dec 2023 19:14:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 212397
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfotUBQlw4SA9_uHRx6bwKcEUtfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828ef79bfe-FRA

GET
H3 200 logo_happytal.png
ch-rambouillet.mstaff.co/assets/img/career/ 8 KB
8 KB 119ms
118ms Image
image/png 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-rambouillet.mstaff.co/assets/img/career/logo_happytal.png
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: b82b6c2233a19a2b2a2521515d2098e6359cd2ea16ccbacec97e883ad6b6c111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-1e1b"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7707
x-amz-cf-id: _yd9vjs9OWGRJAYP4nsjhQ4crY_Sg3_xTGEy56cpQ6G_-fKKs6dRrg==

GET
H2 200 LAONrANjlo5gd2rEj_baIYmjpvzE25SOIzZwu3zfpIBykJTClUVM44Ukq2gnUArDl4w
play-lh.googleusercontent.com/ 11 KB
11 KB 354ms
83ms Image
image/png 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/LAONrANjlo5gd2rEj_baIYmjpvzE25SOIzZwu3zfpIBykJTClUVM44Ukq2gnUArDl4w

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

68fa2b9fb8e2f5e5ff6046227d1017952512c3f2fcaba3a6329b98562615ab76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10759
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 Dec 2023 19:14:03 GMT

GET
H3 200 6324.1c0993b0.css
ch-rambouillet.mstaff.co/css/ 6 KB
6 KB 126ms
125ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 754ea1703a3c9887a41967ea77314d2098af6408ac82b1d1e80c3dcdf110f864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-1613"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 5651
x-amz-cf-id: FvriycWLocqHSsrYnW4VvSjuzq4MnHSUJFs29ywsSLDTrA2U1Pl8UQ==

GET
H3 200 6324.f8967519.js Show response
ch-rambouillet.mstaff.co/js/ 10 KB
11 KB 119ms
118ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/js/6324.f8967519.js
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/js/app.0826d55d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 5b8b229961c38950d94f99e69be7db63105648d2187c727f6e0f8f69f7767882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad2-2910"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10512
x-amz-cf-id: VHJytwHot9VmveXQCwfso5VjuFlz3UzJp7b3a8nfmSU_RV0L78G-jQ==

GET
H2 200 4QS59yPB448 Show response
www.youtube.com/embed/ Frame C5F1 95 KB
41 KB 450ms
190ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bcb5b22800ba82c3dcc7121c7ab8c8a021ee35ae96994a607f0957af75f35ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch-rambouillet.mstaff.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:14:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Figtree-Medium.d8c340a9.woff2
ch-rambouillet.mstaff.co/fonts/ 16 KB
16 KB 123ms
123ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Figtree-Medium.d8c340a9.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/8561.00e4c5be.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 64486254e351da67d4a4d17695815511a8ecad4d4ecf61dd6221557a7f32a1b5

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/8561.00e4c5be.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-3e90"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 16016
x-amz-cf-id: mFeCtILQMSn9R9yMtll6aH6Od3eu-72DUxrY3FOfQIcObwsSqQ7ebQ==

GET
H3 200 fa-light-300.woff2
ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/webfonts/ 185 KB
186 KB 190ms
189ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/webfonts/fa-light-300.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4

Request headers

Referer: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/all.min.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:51 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad3-2e4d0"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 189648
x-amz-cf-id: f2PhF8rrenj9hwDtvHg_DA8iqYHGhOyo7RlMIS1FIlUcN4DTgdHEAw==

GET
H3 200 Nunito-Bold.f3c170a2.woff2
ch-rambouillet.mstaff.co/fonts/ 43 KB
43 KB 186ms
185ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Nunito-Bold.f3c170a2.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/8561.00e4c5be.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: c6fbafe942a20aafc069f8e089f2bf67adb05961b26a71bba56adff485422b40

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/8561.00e4c5be.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-ab28"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 43816
x-amz-cf-id: zu_DYB8hSzpDt2xeFxlUy_BrtvavVnjBX_KZHblgr9yyESoHrmYA8Q==

GET
H3 200 fa-brands-400.woff2
ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/webfonts/ 77 KB
77 KB 188ms
187ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/webfonts/fa-brands-400.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0

Request headers

Referer: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/all.min.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:51 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad3-13280"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 78464
x-amz-cf-id: gFCj92X4_6FVnM3xpLQyW1HFXZ7ipQlI4aHWNUvpGloXOXQRyDWqfA==

GET
H3 200 fa-solid-900.woff2
ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/webfonts/ 138 KB
138 KB 124ms
123ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/webfonts/fa-solid-900.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Request headers

Referer: https://ch-rambouillet.mstaff.co/assets/lib/fontawesome-pro-5.15.1-web/css/all.min.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:32:51 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daad3-226c4"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 140996
x-amz-cf-id: OW5IigoeVPRSKSPaJekaWnCEEF4bPTdVDrmgF9HxtUo9r5_QXr-QTg==

GET
H3 200 Nunito-Regular.6dde4e97.woff2
ch-rambouillet.mstaff.co/fonts/ 43 KB
43 KB 183ms
182ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Nunito-Regular.6dde4e97.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/app.9d28d42e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 45ee4fa580cc27997dcb1f20dcbf98bcbcf54c47abe761932f1efdcd46a39c48

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/app.9d28d42e.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-ac40"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 44096
x-amz-cf-id: xQ2OaL_cJkjXpdDGl8HclAexvIJwnvv3cJzIC_T9CrbeLH0MJAvV5g==

GET
H3 200 Figtree-Medium.d8c340a9.woff2
ch-rambouillet.mstaff.co/fonts/ 16 KB
16 KB 131ms
130ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Figtree-Medium.d8c340a9.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 64486254e351da67d4a4d17695815511a8ecad4d4ecf61dd6221557a7f32a1b5

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-3e90"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 16016
x-amz-cf-id: oCxo_i0GaJncNFpuAZ3y3cY9LsxGxqBS6s8jyAL0-m2Yt2EmwEQ72A==

GET
H3 200 Nunito-Regular.6dde4e97.woff2
ch-rambouillet.mstaff.co/fonts/ 43 KB
43 KB 130ms
129ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Nunito-Regular.6dde4e97.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 45ee4fa580cc27997dcb1f20dcbf98bcbcf54c47abe761932f1efdcd46a39c48

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-ac40"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 44096
x-amz-cf-id: rs3iKMoeCUglgfNTDJV9NueVK4WiweWWfcnA34fZo8HAbKI1ZdQokQ==

GET
H3 200 Nunito-Bold.f3c170a2.woff2
ch-rambouillet.mstaff.co/fonts/ 43 KB
43 KB 135ms
135ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Nunito-Bold.f3c170a2.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: c6fbafe942a20aafc069f8e089f2bf67adb05961b26a71bba56adff485422b40

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-ab28"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 43816
x-amz-cf-id: qEdqifTvleuSiH6Y4DRrnAmL-K61XNvzKcsMk2zqXIml3jU26kj4Kg==

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/5e0a6cb3-472f-4dab-4959-2069c8039c00/ 35 KB
36 KB 4207ms
4089ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/5e0a6cb3-472f-4dab-4959-2069c8039c00/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd70e0da641d447f4e900e5611ca1790f97ce99cef01cf58e88ba0d025350fb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=3748+177 c=0+0 v=2023.9.8 l=36222
date: Wed, 06 Dec 2023 19:14:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 36222
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf3iXuXatSUZPM2nnFfCvpI6cwfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828f009bfe-FRA

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/40b4a45e-a6ad-4ad1-333b-a5d756702d00/ 81 KB
81 KB 312ms
194ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/40b4a45e-a6ad-4ad1-333b-a5d756702d00/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43637175510beea908f8edbe34a3109eb8fae0b864033cad2d9e562effc5aa00

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=44+119 c=0+0 v=2023.9.8 l=83100
date: Wed, 06 Dec 2023 19:14:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 83100
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cftUQENhGsOvuIKNMfjACS9UjGfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828efd9bfe-FRA

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/874ffaf0-db95-4017-257a-f4f2f06f7a00/ 67 KB
68 KB 609ms
491ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/874ffaf0-db95-4017-257a-f4f2f06f7a00/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aede223fbd411c02e943add5c45339e83b87055f055b1e522b7f1f64d503329e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=56+184 c=0+0 v=2023.9.8 l=69036
date: Wed, 06 Dec 2023 19:14:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 69036
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfjSrpbOaw-PbKX-JPhjXz8wP5fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828f019bfe-FRA

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/3530fbda-0ece-43b4-9967-feb73c411000/ 32 KB
32 KB 677ms
560ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/3530fbda-0ece-43b4-9967-feb73c411000/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe099a9ad1d41fb1c32543d7821d24d9d6651d0dd3d4aa09a05cc7922e91afc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=34+251 c=0+0 v=2023.9.8 l=32720
date: Wed, 06 Dec 2023 19:14:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 32720
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cffFgj0p5LDsM8Zn7LDGXXw5D5fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828f029bfe-FRA

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/1a6d842e-c44f-4804-74b2-e9e937de8700/ 69 KB
69 KB 421ms
304ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/1a6d842e-c44f-4804-74b2-e9e937de8700/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7db06ad3e7d27d5bcc7756be13187e53eaf84c0c2f554c15be8e06bf66964a5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=2512+226 c=0+0 v=2023.9.8 l=70856
date: Wed, 06 Dec 2023 19:14:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 70856
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJX8GTfZCwtr1FDT3PrdBWCqWfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828f049bfe-FRA

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/769d3856-f42a-4b82-9bef-d89114cf9000/ 151 KB
151 KB 1791ms
1790ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/769d3856-f42a-4b82-9bef-d89114cf9000/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa14dd4536c7173d45805b0303b20fc2c3182b8ed2d56e71965d08ac369f9269

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1129+417 c=0+0 v=2023.9.8 l=154378
date: Wed, 06 Dec 2023 19:14:04 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 154378
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf1T_bKzOo_fqNa2pKrHZq9bwqfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9830fa59bfe-FRA

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/afc96177-e9d7-4ccb-27af-c81ce990ca00/ 38 KB
38 KB 297ms
194ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/afc96177-e9d7-4ccb-27af-c81ce990ca00/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

254d88fb56001f31c8be4590431093510501fa70adf020ac498d5184917544ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1769+173 c=0+0 v=2023.9.8 l=38561
date: Wed, 06 Dec 2023 19:14:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 38561
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfVLLBizsh0YSzfj8izgys-KtOfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828ef89bfe-FRA

GET
H2 200 public
imagedelivery.net/iWmx_o61xox89sFI9yRt-g/e346af8b-88d4-48a2-7a4e-628481392b00/ 29 KB
29 KB 298ms
195ms Image
image/avif 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/iWmx_o61xox89sFI9yRt-g/e346af8b-88d4-48a2-7a4e-628481392b00/public

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e9207892a6134dade02adacdb0d568247040e8b4a323b218687e0c876a15ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=28+607 c=0+0 v=2023.9.8 l=29682
date: Wed, 06 Dec 2023 19:14:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 29682
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf5fPhSNxFhFxI17JCvbPDSJq3fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8316d9828efb9bfe-FRA

GET
H3 200 Figtree-Bold.4f2813fb.woff2
ch-rambouillet.mstaff.co/fonts/ 16 KB
16 KB 112ms
111ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Figtree-Bold.4f2813fb.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 272870042c9bc235dee190d91351c6c13a19e13088752657bd6bb63f65de655e

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/6324.1c0993b0.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-3ed4"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 16084
x-amz-cf-id: yGeNNCB7U7YfxWTuZ2tbI_rKW3o4Wi1PG6VUDiwo98WU6w3Cl8Kyxw==

GET
H3 200 Figtree-Medium.d8c340a9.woff2
ch-rambouillet.mstaff.co/fonts/ 16 KB
16 KB 72ms
72ms Font
font/woff2 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-rambouillet.mstaff.co/fonts/Figtree-Medium.d8c340a9.woff2
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/css/app.9d28d42e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 64486254e351da67d4a4d17695815511a8ecad4d4ecf61dd6221557a7f32a1b5

Request headers

Referer: https://ch-rambouillet.mstaff.co/css/app.9d28d42e.css
Origin: https://ch-rambouillet.mstaff.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:03 GMT
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 10:30:50 GMT
server: nginx/1.24.0
x-amz-cf-pop: FRA60-P4
etag: "656daa5a-3e90"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 16016
x-amz-cf-id: ZYPY6C15m-mYkW0uDTdgL3toYDVOjbyUx3oXlQrrEPJN_nGPCPNSfw==

GET
H2 200 fr Show response
client.axept.io/pack/ 8 KB
3 KB 87ms
87ms Fetch
application/json 2600:9000:211e:5a00:19:61a3:b200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.axept.io/pack/fr
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5a00:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / campsi
Resource Hash: 0f732d96c4108e2a74856fd671012f832443ce8237509fa38f6af06b73d3ada8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 07:30:54 GMT
content-encoding: gzip
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 42189
x-powered-by: campsi
etag: W/"1fec-N+a4STJlarxh5/ii9ffVlz2fa20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: 8mpM-w542mRgyCi35krT-5SagCWM87Rj9pfOAE8XXxgiOhluWqkz4g==

GET
H2 200 www-player.css
www.youtube.com/s/player/dee96cfa/ Frame C5F1 365 KB
47 KB 103ms
103ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C5F1 15 KB
15 KB 509ms
179ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:11 GMT
x-content-type-options: nosniff
age: 160252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:43:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C5F1 15 KB
16 KB 459ms
129ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:56:17 GMT
x-content-type-options: nosniff
age: 127066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 07:56:17 GMT

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 149ms
148ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1808736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: bZILzhZQZctGQ4R0CtLShmWQ1DVHn4BETPm_xPzGlLFH4-Zzhg4ATw==

GET
H2 200 embed.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame C5F1 54 KB
17 KB 149ms
148ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16999
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:52 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/ Frame C5F1 322 KB
96 KB 223ms
222ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98658
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:26 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame C5F1 2 MB
769 KB 157ms
157ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786495
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:52 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 132ms
131ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:37:17 GMT
x-amz-version-id: Q83vlLXgyWB6DuTGnFxHLMCEzu8jknn5
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5593007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Oct 2023 01:26:38 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: zX5QbIxX6ookS2HXh7AsEtLWjuhCrio4ck3dTvh-L3s1auxJQZ5N5w==

GET
H2 200 a34a371cbfe602dec23c.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
3 KB 117ms
111ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/a34a371cbfe602dec23c.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff189b7232ea907669cf4baaa0021acb799dcc2c8fe3b6ed0faa90c22229944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 2G8TH4PlueUXyY_FNvPZHu31h5B8t8.6
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 07:54:36 GMT
x-amz-cf-pop: FRA6-C1
age: 40768
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 18:51:00 GMT
server: AmazonS3
etag: W/"49546ead7dacae87d94f26ad378d2425"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: VcSis3o8Y34cgto-QED6_dy4fJB64fgW92Z1MMNtuMGZCbhGX0Agzg==

GET
H2 200 472df9b8be6018a4880f.js Show response
cdn.segment.com/next-integrations/actions/google-analytics-4-web/ 189 KB
54 KB 156ms
153ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/472df9b8be6018a4880f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a2429363885c1f27f5d20759bf8213eeea483ce52a8f14b168befe4d7d4edec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: h89tCGbXXZpldquHNOnMB_LjCv57MWZQ
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 21:15:52 GMT
x-amz-cf-pop: FRA6-C1
age: 79092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 18:51:01 GMT
server: AmazonS3
etag: W/"d3d8aa605969e9fd95b2064de9dc363d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: zJyImGWvDUDqT-omw1AdmAr1Q38Us7VPiTok0QVvFiE8ipQa3H03fg==

GET
H2 200 b0eab045596385f932c0.js Show response
cdn.segment.com/next-integrations/actions/962/ 23 KB
8 KB 141ms
140ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/962/b0eab045596385f932c0.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/a34a371cbfe602dec23c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 659bf6fd03ae6ef2baabe1ec8bb4073f9834ea694254bc78f8839589a4eeb285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: zk9rxxlqKCjHbsFrMYTC7R6tXRM31okT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 02:54:33 GMT
x-amz-cf-pop: FRA6-C1
age: 58771
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 18:50:59 GMT
server: AmazonS3
etag: W/"566a0711c9f794ab81f9adf75b9544ce"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 46CwGDvI30RZKQyhCVCnqoBq2JfVrEJ4xoWR2lgGnp3J6d0IVv7xng==

POST
H2 200 pv
hublohelp.zendesk.com/frontendevents/ Frame B6AF 0
0 152ms
152ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hublohelp.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 19:14:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaXSG2v30qxM31WwFOv9wlyxmVw4fOg787qtqt13IsVKouQSJCxf60KOlAxbajAhbxd2Spcv9a%2BDYnMZBCAyQgVP676XoZzzgh4VldUCeFcSLQ%2BT66s8V%2FPH6%2FcUccmBW4IjAMTj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8316d989d8136977-FRA
content-length: 0
x-request-id: 8316d989d8136977-FRA

OPTIONS
H2 204 pv
hublohelp.zendesk.com/frontendevents/ Frame 0
0 212ms
211ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hublohelp.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ch-rambouillet.mstaff.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8316d9888e576977-FRA
date: Wed, 06 Dec 2023 19:14:04 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZy%2Fw4WOm4mZmnFWbZaNf2TaV%2BA88D59vzJ%2FtL9VFIhF5jNssewCs0CEn%2FgBL3d2WIWCU%2FdAz1E9IZZz%2FEEfBBACp4iM6DAqhe8wnxhZyF5p6O6lvbcVsZlfjbnhD1O4O9dUeuwZYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 8316d9888e576977-FRA
x-zendesk-zorg: yes

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 168ms
166ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:19:49 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-version-id: iBgkeROQ82ipYgPNwFnoDehQ.U3dPJg.
x-amz-cf-pop: FRA6-C1
age: 143656
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: afSHSA7EvqaOjQJPcJD8QxKHLGmNGHzCIjfj2MmJM8L6SerdudJxqw==

GET
H2 200 satismeter.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/satismeter/2.0.3/ 3 KB
2 KB 184ms
183ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/satismeter/2.0.3/satismeter.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a049e9e7837822045714ace58cd093d8bce2eaf4007c2d6e130afe9e5ae91165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 03:39:14 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-version-id: f4s.rK5P9szON6GjMFdsRLfSCTksdI3J
x-amz-cf-pop: FRA6-C1
age: 3339291
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1225
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "40ed5af991a9bb3f5b0e6cca7ea3a5c5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: eQGAb8lVeJxUqJVAOHMElns1nIQKjowDIuW9U5I1BKIGiSU4vPAsIw==

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 182ms
182ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 08:08:43 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-version-id: PgMPNrJn4UXeGYnax_P5hY3ZIibnCzEY
x-amz-cf-pop: FRA6-C1
age: 1335922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1061
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: fTXtNC7h0nN3-MYcYVPxW6uTXkyrImvYZRw16t3V_cMJr7PZoL8TnA==

GET
H2 200 hotjar.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/ 3 KB
2 KB 183ms
183ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 08:08:42 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-version-id: wvBq3ngq39jEwyczNJNamGJMP9shR_wj
x-amz-cf-pop: FRA6-C1
age: 1335923
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1336
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "4cd7c93a55ce331d264d9a857bd044ed"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: IsQR5bkXq31khoRvW19nDo5lenQD9xLVNPSKnW5s1EW7dYsDENfasw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
89 KB 687ms
140ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T7DHJXP9DC

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/962/b0eab045596385f932c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e467639db7415037f9cecdf6d5e1c1d236a6df0dd987235de7b4960bb7ccb583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 19:14:04 GMT

POST
H2 200 identify Show response
api.stonly.com/api/v1/targeting/ 38 B
457 B 355ms
98ms XHR
application/json 15.188.160.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/targeting/identify

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-160-118.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1701890044262
Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"26-NFKChCaGCPgLuaMJn62pKH75t6U"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 204 identify
api.stonly.com/api/v1/targeting/ Frame 0
0 625ms
81ms Preflight 15.188.160.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/targeting/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-160-118.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,timestamp
Access-Control-Request-Method: POST
Origin: https://ch-rambouillet.mstaff.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache
date: Wed, 06 Dec 2023 19:14:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 127ms
127ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:16:04 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-version-id: uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
x-amz-cf-pop: FRA6-C1
age: 100681
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Wed, 18 Oct 2023 10:36:32 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: qETH847ZMGXTIv_MI0mGPYbMRXtamS_MLTdfVMwwNYK2lIFTz9hRQg==

GET
H2 200 hotjar-3022160.js Show response
static.hotjar.com/c/ 9 KB
4 KB 368ms
130ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3022160.js?sv=6

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

2baa39143a7d6b71455da2f7e91cc4f8e23db6da4512bf6eade7405c278df304

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 19:14:04 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 18
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/25a417cb871da5e9278c8231c2210f01
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 3gzYq3MDJNqYuw0_QBcNYjMTrBg8BWuYDEcB7VSJTco-aDpeRtPYHQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
100 KB 599ms
374ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WT76SVH&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d78db723525608769c8e1eb692eb211d6464b6f77e4c500ad42f01ebe52d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102154
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 19:14:04 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
806 B 489ms
257ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:16 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=49674
accept-ranges: bytes
content-length: 596

GET
H2 200 js Show response
app.satismeter.com/ 109 KB
38 KB 800ms
569ms Script
application/javascript 2606:4700::6812:313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

111c547c3ffad582f76340307adfae00faee53cece8257fa7218f23ac84f28b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"9301-CkTZ9/dw0WYoRYNEEkybO41ERyA"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8316d98c28ab3660-FRA
expires: Wed, 06 Dec 2023 23:14:05 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C5F1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

122ms
121ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6aff4dab85bf040f718730c994ac9f90b56f96b8fa7bb238990f323d0aa9532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 19:14:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C5F1 29 B
495 B 394ms
139ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:11:18 GMT
x-content-type-options: nosniff
age: 166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 19:26:18 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 365ms
139ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 06 Dec 2023 19:14:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C5F1 87 KB
40 KB 147ms
145ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b77399ad08de35e83b7bbe01bf0936f38b24496700dc26cb12f9df50a5c045f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41102
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame C5F1 116 KB
33 KB 124ms
124ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33667
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:53 GMT

GET
H2 200 q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js Show response
www.google.com/js/th/ Frame C5F1 51 KB
20 KB 344ms
127ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19841
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 22:45:51 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/4QS59yPB448/ Frame C5F1 2 KB
2 KB 348ms
140ms Image
image/webp 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/4QS59yPB448/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20cf97f9f7c3ac00e5dfecda0eab096d891c96c6f95eec16a9601e459b8db938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1682
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Dec 2023 21:14:04 GMT

GET
DATA 200
OK truncated
/ Frame C5F1 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKYiX7mapw-dBmfiBgL2wVIpoK04pZZnuMQJXJDX=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C5F1 4 KB
4 KB 981ms
547ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKYiX7mapw-dBmfiBgL2wVIpoK04pZZnuMQJXJDX=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b392f4c0327638bdf4829eaab565d271b13284916587af3c920a4b7786771faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
x-content-type-options: nosniff
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3654
x-xss-protection: 0
expires: Thu, 07 Dec 2023 19:14:05 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C5F1 4 KB
2 KB 533ms
119ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:14:05 GMT

GET
H2 200 modules.8ee14814f88014d1770d.js Show response
script.hotjar.com/ 218 KB
55 KB 432ms
120ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8ee14814f88014d1770d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3022160.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

e106472972bdecc9a2188aa416f8d2caa42243cdd34d3c273aab333cac424dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 15179
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55396
last-modified: Wed, 06 Dec 2023 15:00:38 GMT
etag: "33f7598beee5c2090a530d7a01aa16ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: L8_betxwDrQBWddrMouh1hhy-yAmczXm6wjJBFDAu6E0uVlcSWhVbQ==

GET
H3 204 generate_204
www.youtube.com/ Frame C5F1 0
10 B 118ms
118ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?OzQPzA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 117ms
116ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=49526
accept-ranges: bytes
content-length: 12150

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 106ms
106ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109194110-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T7DHJXP9DC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7412f8343ae958c3715b1fdf8266737a87d81186056e3b184905fbc3a13c2183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68951
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 19:14:05 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 272ms
74ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T7DHJXP9DC&gtm=45je3bt0v868367245&_p=1701890044258&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-US&cid=2093570730.1701890045&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Page%20Viewed&dl=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&sid=1701890045&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6389
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T7DHJXP9DC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 19:14:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK p Show response
in.eu2.segmentapis.com/v1/ 21 B
275 B 602ms
355ms Fetch
application/json 54.220.137.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.eu2.segmentapis.com/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.220.137.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-137-141.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ch-rambouillet.mstaff.co
Date: Wed, 06 Dec 2023 19:14:05 GMT
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

POST
H/1.1 200
OK p Show response
in.eu2.segmentapis.com/v1/ 21 B
275 B 601ms
357ms Fetch
application/json 54.220.137.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.eu2.segmentapis.com/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.220.137.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-137-141.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ch-rambouillet.mstaff.co
Date: Wed, 06 Dec 2023 19:14:05 GMT
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

POST
H/1.1 200
OK p Show response
in.eu2.segmentapis.com/v1/ 21 B
275 B 600ms
360ms Fetch
application/json 54.220.137.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.eu2.segmentapis.com/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.220.137.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-137-141.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ch-rambouillet.mstaff.co
Date: Wed, 06 Dec 2023 19:14:05 GMT
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

POST
H/1.1 200
OK p Show response
in.eu2.segmentapis.com/v1/ 21 B
275 B 596ms
358ms Fetch
application/json 54.220.137.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.eu2.segmentapis.com/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pPROC7dPoJ7XdxHrwsTQNXCGX79MJjhp/analytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.220.137.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-137-141.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ch-rambouillet.mstaff.co
Date: Wed, 06 Dec 2023 19:14:05 GMT
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D523233%26time%3D1701890045307%26url%3Dhttps%253A%252F%252Fch-rambouillet.mstaff.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true&liSync=true&e_ipv6=AQLPUxwOwm96dQAAAYxAj...

0
265 B

1390ms
491ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true&liSync=true&e_ipv6=AQLPUxwOwm96dQAAAYxAjTkqR_KgCdVpUNCn21BKHB9-TpNy1bYWIMVC7C82Bzbh77SgeGSysauieA
Requested by: Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:07 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 721A01C99C90472DA17EFBAB217B918C Ref B: DUS30EDGE0412 Ref C: 2023-12-06T19:14:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL3Ce5NJ0AeEt3awz7ng==

Redirect headers

date: Wed, 06 Dec 2023 19:14:05 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 858BC517E0DF442EB6EFF2A2D9A6A59C Ref B: FRAEDGE1808 Ref C: 2023-12-06T19:14:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523233&time=1701890045307&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&cookiesTest=true&liSync=true&e_ipv6=AQLPUxwOwm96dQAAAYxAjTkqR_KgCdVpUNCn21BKHB9-TpNy1bYWIMVC7C82Bzbh77SgeGSysauieA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL3CenNbeVsnhF6feZvw==

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 55ms
55ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 06 Dec 2023 19:14:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C5F1 90 B
134 B 75ms
75ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9089d5268117912b0b36280daf10b247a07e88b9f3ece65e76fc1423612b3ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H2 204 integration
api.stonly.com/api/v2/widget/ Frame 0
0 51ms
50ms Preflight 15.188.160.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v2/widget/integration?widgetId=952da2cb-81ea-11ea-ad85-06f7e2c08348&segmentAnonymousId=a8f20699-303b-4cff-b275-42bc626fac99&stonlyAnonymousId=b773b21f-e84f-4ab2-b9d0-c7486f2e853d&url=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-160-118.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: timestamp
Access-Control-Request-Method: GET
Origin: https://ch-rambouillet.mstaff.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache
date: Wed, 06 Dec 2023 19:14:05 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 integration Show response
api.stonly.com/api/v2/widget/ 471 B
776 B 67ms
65ms XHR
application/json 15.188.160.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-160-118.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

103fa8b820e3ca482167a95397185ee1b3e85ff816d421e0a8f8f68f814ef46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1701890045414
Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"1d7-b23kRcG29TqrXKbRpmsaxBp41Xw"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/119/ Frame C5F1 50 KB
15 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 07 Dec 2023 15:07:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
82 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HS05J6WGW0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109194110-4&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d18e7ab67535e4b1bf75117c94e2e2569cfd00f1758851477c631a2f0ca408f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 19:14:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 194ms
57ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109194110-4&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 17:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5536
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Dec 2023 19:41:49 GMT

POST
H2 204 widget
app.satismeter.com/api/ 0
0 334ms
209ms Fetch 2606:4700::6812:313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/api/widget

Requested by

Host: app.satismeter.com
URL: https://app.satismeter.com/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
access-control-allow-methods: PUT,POST
access-control-allow-origin: *
access-control-expose-headers: Location,Auth-Token
cross-origin-resource-policy: cross-origin
cf-ray: 8316d99188971e66-FRA
access-control-allow-headers: Content-Type,Auth-Token,Traceparent,Request-Context

POST
H2 200 stat Show response
api.stonly.com/api/v1/ 28 B
391 B 117ms
116ms XHR
application/json 15.188.160.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/stat

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-160-118.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

eb365de41c99f002d621030f1ed923378b7e02880f0e6446258d33306f594570

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1701890045578
Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 19:14:05 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"1c-ByTQlyo2Qy1Btr155OVZJfDYTX0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 204 stat
api.stonly.com/api/v1/ Frame 0
0 97ms
97ms Preflight 15.188.160.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/stat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-160-118.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,timestamp
Access-Control-Request-Method: POST
Origin: https://ch-rambouillet.mstaff.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache
date: Wed, 06 Dec 2023 19:14:05 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 162ms
161ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HS05J6WGW0&gtm=45je3bt0v9134701339&_p=1701890044258&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2093570730.1701890045&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701890045&sct=1&seg=0&dl=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&dt=Mstaff&en=page_view&_fv=1&_ss=1&tfd=6856
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HS05J6WGW0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 19:14:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 147ms
146ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1164296787&t=pageview&_s=1&dl=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&ul=en-us&de=UTF-8&dt=Mstaff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=399851390&gjid=1924662335&cid=2093570730.1701890045&tid=UA-109194110-4&_gid=1873202180.1701890046&_r=1&gtm=457e3bt0z8868367245&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1059597122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 19:14:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 widget
app.satismeter.com/api/ 0
0 218ms
217ms Fetch 2606:4700::6812:313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/api/widget

Requested by

Host: app.satismeter.com
URL: https://app.satismeter.com/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 19:14:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
access-control-allow-methods: PUT,POST
access-control-allow-origin: *
access-control-expose-headers: Location,Auth-Token
cross-origin-resource-policy: cross-origin
cf-ray: 8316d992dad71e66-FRA
access-control-allow-headers: Content-Type,Auth-Token,Traceparent,Request-Context

POST
H2 204 widget
app.satismeter.com/api/ 0
0 224ms
223ms Fetch 2606:4700::6812:313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/api/widget

Requested by

Host: app.satismeter.com
URL: https://app.satismeter.com/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 19:14:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
access-control-allow-methods: PUT,POST
access-control-allow-origin: *
access-control-expose-headers: Location,Auth-Token
cross-origin-resource-policy: cross-origin
cf-ray: 8316d9943d3d1e66-FRA
access-control-allow-headers: Content-Type,Auth-Token,Traceparent,Request-Context

POST
H2 204 widget
app.satismeter.com/api/ 0
0 375ms
374ms Fetch 2606:4700::6812:313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/api/widget

Requested by

Host: app.satismeter.com
URL: https://app.satismeter.com/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 19:14:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
access-control-allow-methods: PUT,POST
access-control-allow-origin: *
access-control-expose-headers: Location,Auth-Token
cross-origin-resource-policy: cross-origin
cf-ray: 8316d9959f871e66-FRA
access-control-allow-headers: Content-Type,Auth-Token,Traceparent,Request-Context

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C5F1 28 B
54 B 1010ms
1006ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
X-Goog-Request-Time: 1701890046828
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/4QS59yPB448?picture-in-picture=1&accelerometer=1&gyroscope=1
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtrcFJjYkNHalFvVSj7j8OrBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1701890044097&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C255%2C143&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 06 Dec 2023 19:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 06 Dec 2023 19:14:07 GMT

GET
H2 200 thumbprint-full.png
axeptio.imgix.net/2019/01/ 27 KB
28 KB 650ms
128ms Image
image/png 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2019/01/thumbprint-full.png?hue=225&sat=-35&bri=-3&hex=%230d47a1&w=200

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

24d5e2125bc52c6ad0e760dbeabbd3aa6f6a4b6451d85dcb301690923aa47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:07 GMT
x-content-type-options: nosniff
age: 1630099
x-cache: HIT, HIT
x-imgix-id: 1bb956fb10fb7766bb592bd94d821bb6456612f6
cross-origin-resource-policy: cross-origin
content-length: 28071
x-served-by: cache-sjc10046-SJC, cache-fra-etou8220073-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 17 Nov 2023 22:25:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 persos_site_suite_05.png
axeptio.imgix.net/2020/09/ 5 KB
6 KB 649ms
127ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2020/09/persos_site_suite_05.png?auto=format&fit=crop&w=64&h=64&dpr=1

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ddb7a5ea98e19a61ce5ce7e934963b4325a6da5e6b530f6433beade948539a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:07 GMT
x-content-type-options: nosniff
age: 15654940
x-cache: HIT, HIT
x-imgix-id: 5b71a22f21cf3ff3808b8494e0e76ca5629d363f
cross-origin-resource-policy: cross-origin
content-length: 5604
x-served-by: cache-sjc1000090-SJC, cache-fra-etou8220073-FRA
x-imgix-render-farm: 01.140328
last-modified: Sat, 14 Oct 2023 10:08:42 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 persos%20site-44.png
axeptio.imgix.net/2021/02/ 10 KB
10 KB 635ms
127ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2021/02/persos%20site-44.png?auto=format&fit=crop&w=170&h=auto&dpr=1

Requested by

Host: ch-rambouillet.mstaff.co
URL: https://ch-rambouillet.mstaff.co/v1/tab/about

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1a7ed9c60e1a0382ada83124e9599b5dbf9d18524e7bc51573ad41b55ff41273

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-rambouillet.mstaff.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:14:07 GMT
x-content-type-options: nosniff
age: 3135313
x-cache: HIT, HIT
x-imgix-id: 2b03c1a9cdf682fdc150bfd70930610c6effd4f1
cross-origin-resource-policy: cross-origin
content-length: 9759
x-served-by: cache-sjc1000133-SJC, cache-fra-etou8220073-FRA
x-imgix-render-farm: 01.140328
last-modified: Tue, 31 Oct 2023 12:18:54 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
200 B 293ms
292ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 19:14:07 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6BE11C819CFD4E0686612A0EEE244C00 Ref B: FRAEDGE1808 Ref C: 2023-12-06T19:14:07Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://ch-rambouillet.mstaff.co
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYL3CfA7Mj225s8sRTnkw==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 108ms
108ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T7DHJXP9DC&gtm=45je3bt0v868367245&_p=1701890044258&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-US&cid=2093570730.1701890045&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&dt=About%20Viewed&dl=https%3A%2F%2Fch-rambouillet.mstaff.co%2Fv1%2Ftab%2Fabout&sid=1701890045&sct=1&seg=1&_s=2&tfd=11401
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T7DHJXP9DC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ch-rambouillet.mstaff.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 19:14:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch-rambouillet.mstaff.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mstaff.co/	1970-01-20 16:44:57	Name: XSRF-TOKEN Value: eyJpdiI6IkhJV3RhZ2E1aFo2bFF4c0hqeFR6Ymc9PSIsInZhbHVlIjoiZUFWZGtWOEFjR21aTWdMWjBqQVc1K2ExMXZlNDJGcHVUb1FMdFdPZWFqbGpmMkJPaHVkRDFURk5PeUJEbnoyVnRUYWJZUVN4cmwrVjJsVGZJMG5KWHJxSEhTNVZyYmc3Z2FkY1VpVHFhbzVFN0JsVFk5M3hDSkNKcUlPdnNVamIiLCJtYWMiOiI0ZjcyMTZjZjQxNjk5MTUyZmFjM2FhOTMzMmM3Y2U0MjdmZmJiNzQ3MjA2MjRjMjg0YWE4YjQ5YjQ3NWY4YjcwIiwidGFnIjoiIn0%3D
.mstaff.co/	1970-01-20 16:44:57	Name: careerwebsite_session Value: eyJpdiI6IlN3V2lqNW1ldTdGOXdqRW9xSnBCOFE9PSIsInZhbHVlIjoiQ3BrNmxlbHd4YUdrWkVJZHRWcFQ1WjYrdVJCblRzUzJpZHdQYlIxU2ltK2hCSHlXMVVIMFVWTmVuL1FJM1RvOThhUXF1b0JCRURmaXVKYld0bHE3KzZsb0dpRVppQitkSURRcnBDZ1hIc044S3BnUnNDNEJZT0V0TE16NGMxaG4iLCJtYWMiOiI0NGRkZmMyOWI4OTdiMzQ1ZmE5NzU0NTAwZjE0NDgyZjdkY2ZiN2M4MjMzODEzNGEwNzA5ODA3YTFiYjI5Mzg3IiwidGFnIjoiIn0%3D
ch-rambouillet.mstaff.co/	1970-01-21 01:30:26	Name: axeptio_cookies Value: {%22$$token%22:%22a3m48kx0ug1wym88ne4od%22%2C%22$$date%22:%222023-12-06T19:14:02.926Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
ch-rambouillet.mstaff.co/	1970-01-21 01:30:26	Name: axeptio_authorized_vendors Value: %2C%2C
ch-rambouillet.mstaff.co/	1970-01-21 01:30:26	Name: axeptio_all_vendors Value: %2C%2C
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EEH24ulWkFE
.youtube.com/	1970-01-20 21:04:02	Name: VISITOR_INFO1_LIVE Value: kpRcbCGjQoU
.mstaff.co/	1970-01-21 01:30:26	Name: ajs_anonymous_id Value: a8f20699-303b-4cff-b275-42bc626fac99
.mstaff.co/	1970-01-21 01:30:26	Name: analytics_session_id Value: 1701890045256
.mstaff.co/	1970-01-21 02:20:50	Name: _ga_T7DHJXP9DC Value: GS1.1.1701890045.1.1.1701890045.0.0.0
.mstaff.co/	1970-01-21 01:30:26	Name: analytics_session_id.last_access Value: 1701890045281
.satismeter.com/	1970-01-20 16:44:51	Name: __cf_bm Value: rv2fJvC7WVlUYhpymvm73m.CvYBp_Dvx33cEBP0e6Ds-1701890045-0-ASs/Ij1NVs0mwepW8KlKpP8yGN6lHG25qC6vo8+M8BCZVKE2HZZ3PBVwrPUzTpzOlQQERciGFX4syjDrIoDvuYo=
.api.stonly.com/	1969-12-31 23:59:59	Name: _csrf Value: xPdLNERxCLfFESmDSpDps1jR
.mstaff.co/	1970-01-21 01:30:26	Name: _hjSessionUser_3022160 Value: eyJpZCI6IjM5NDQwMzJiLTkzZDYtNTNiNy04Y2IzLTBkMjdjMjcwZjYzMCIsImNyZWF0ZWQiOjE3MDE4OTAwNDU1MzYsImV4aXN0aW5nIjpmYWxzZX0=
.mstaff.co/	1970-01-20 16:44:51	Name: _hjFirstSeen Value: 1
.mstaff.co/	1970-01-20 16:44:51	Name: _hjIncludedInSessionSample_3022160 Value: 0
.mstaff.co/	1970-01-20 16:44:51	Name: _hjSession_3022160 Value: eyJpZCI6IjA1ODU2MjQ0LWFjYjQtNDY5Zi04ZTlhLTY1NGRiNDlmMzMyYiIsImNyZWF0ZWQiOjE3MDE4OTAwNDU1MzcsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.mstaff.co/	1970-01-20 16:44:51	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 18:54:26	Name: li_sugr Value: e435f458-bad3-4a28-8da1-f2b82e4ba3f7
.linkedin.com/	1970-01-21 01:30:26	Name: bcookie Value: "v=2&b964d6d0-897f-4ad1-861a-de983aad0345"
.linkedin.com/	1970-01-20 16:46:16	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2693:u=1:x=1:i=1701890045:t=1701976445:v=2:sig=AQH1KuxANzkrL3uCut2omvnheygOxYeC"
.mstaff.co/	1970-01-21 02:20:50	Name: _ga_HS05J6WGW0 Value: GS1.1.1701890045.1.0.1701890045.0.0.0
.mstaff.co/	1970-01-21 02:20:50	Name: _ga Value: GA1.2.2093570730.1701890045
.mstaff.co/	1970-01-20 16:46:16	Name: _gid Value: GA1.2.1873202180.1701890046
.mstaff.co/	1970-01-20 16:44:50	Name: _gat_gtag_UA_109194110_4 Value: 1
.linkedin.com/	1970-01-20 17:28:02	Name: UserMatchHistory Value: AQL3XrRazozKDwAAAYxAjTc7ThzdN8RQHSBjzqx0ckheaHytwUR-HdTw2yYp1eDUv9gzKpNOl-kjoQ
.linkedin.com/	1970-01-20 17:28:02	Name: AnalyticsSyncHistory Value: AQJrS3rExnlZyAAAAYxAjTc7olzfdvde1ibUKB4xyqJNSltZfOWIa4uHVUFCIMvKfdkUOAMhimV5aeLjUK5fYQ
.www.linkedin.com/	1970-01-21 01:30:26	Name: bscookie Value: "v=1&2023120619140599a6cc22-e1c6-4cbe-8c18-9a7a0ffcf56aAQEMN65_z4EwYMp5UC4-cTZocg2S6D8a"
.linkedin.com/	1970-01-20 21:04:02	Name: li_gc Value: MTswOzE3MDE4OTAwNDU7MjswMjGNJJWwzN9V50uv9oTvWEZgNvObK+EffpYjbMrzA7ocjA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mstaff.co
api.stonly.com
app.satismeter.com
axeptio.imgix.net
cdn.segment.com
ch-rambouillet.mstaff.co
client.axept.io
code.jquery.com
ekr.zdassets.com
fonts.gstatic.com
googleads.g.doubleclick.net
hublohelp.zendesk.com
i.ytimg.com
imagedelivery.net
in.eu2.segmentapis.com
jnn-pa.googleapis.com
play-lh.googleusercontent.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.stonly.com
script.hotjar.com
snap.licdn.com
static.axept.io
static.doubleclick.net
static.hotjar.com
static.zdassets.com
stonly.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
104.16.51.111
104.18.70.113
104.18.72.113
13.107.42.14
13.32.27.19
13.32.99.95
15.188.160.118
18.66.147.49
18.66.147.92
18.66.97.53
2001:4860:4802:34::36
2600:9000:211a:3200:1c:f638:2940:93a1
2600:9000:211e:5a00:19:61a3:b200:93a1
2606:4700::6812:313
2606:4700::6812:324
2620:1ec:21::14
2a00:1450:4001:802::2016
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2016
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a02:26f0:3500:16::215:1484
2a04:4e42:8e::720
2a04:4e42::649
3.126.197.23
35.180.145.57
54.220.137.141
99.86.8.175
018cf75c2022871f96e3faada699b103a3d0460a62fe789252521f2957bf9ba6
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a2429363885c1f27f5d20759bf8213eeea483ce52a8f14b168befe4d7d4edec
0f732d96c4108e2a74856fd671012f832443ce8237509fa38f6af06b73d3ada8
103fa8b820e3ca482167a95397185ee1b3e85ff816d421e0a8f8f68f814ef46b
111c547c3ffad582f76340307adfae00faee53cece8257fa7218f23ac84f28b8
1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
19180d5fba36693dcfb946b62024beb2217802fcbe1bc7f84ff4b54c5c084c77
1a7ed9c60e1a0382ada83124e9599b5dbf9d18524e7bc51573ad41b55ff41273
1b3b8295da7b778d55bc8eac414754e5e84ce7e948d451ecb50fa7487c0853aa
1c7a5b8ed7cebd4379fb945a0d9468656f082e57ebd42919ba861dffa269eb7c
1d18e7ab67535e4b1bf75117c94e2e2569cfd00f1758851477c631a2f0ca408f
1ed82ff9f5ba517016e021993e7a467c5f6845fcb272d3f931fd141ca650b7d9
20cf97f9f7c3ac00e5dfecda0eab096d891c96c6f95eec16a9601e459b8db938
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
24d5e2125bc52c6ad0e760dbeabbd3aa6f6a4b6451d85dcb301690923aa47e33
254d88fb56001f31c8be4590431093510501fa70adf020ac498d5184917544ec
257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830
272870042c9bc235dee190d91351c6c13a19e13088752657bd6bb63f65de655e
27ffc62de61ff7d979422452cbd8a821f8ad2c30283409adc217f6d54810a48a
2baa39143a7d6b71455da2f7e91cc4f8e23db6da4512bf6eade7405c278df304
3625837ba0ec6afc27987153c22f903e12c7d2e53734ef0c7c1f3ed77eebe6fe
367f03c60d0569a5380fd7566c2ae24052f34f7a1cc2f0ea9d54588df56b967e
392f8291ca2e722bdbe3b20f02acdd6a721e30c22a74ca7e95aafe935996e8e4
3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
3e9207892a6134dade02adacdb0d568247040e8b4a323b218687e0c876a15ce7
43637175510beea908f8edbe34a3109eb8fae0b864033cad2d9e562effc5aa00
45ee4fa580cc27997dcb1f20dcbf98bcbcf54c47abe761932f1efdcd46a39c48
45fa876e9dd650f72347835923d7b536fa95c2e30d394440da070216cd33fc43
58e23d36f503ba60a9874daf132408a8f4693c45ef1ae58b4f1fd7add6e0fa01
59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b28e70f4d3c1449fbb07e1b9513d36a7bbdc93724a8b711cbabe235ee029db1
5b8b229961c38950d94f99e69be7db63105648d2187c727f6e0f8f69f7767882
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5f8f5e0e437dfa4d9a50b7fe05ad5e954dd8e37828a72fdd72fb6afe94889aa8
613361b7a1e7f16bd956d83bb7f7a25707735b72d50a5a7e4de9493a10f2b51f
64486254e351da67d4a4d17695815511a8ecad4d4ecf61dd6221557a7f32a1b5
659bf6fd03ae6ef2baabe1ec8bb4073f9834ea694254bc78f8839589a4eeb285
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68fa2b9fb8e2f5e5ff6046227d1017952512c3f2fcaba3a6329b98562615ab76
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7111ad1a8a18da8f91bf680d6143aafa7b82b8ea51af388d1f4a279e978b33bc
7412f8343ae958c3715b1fdf8266737a87d81186056e3b184905fbc3a13c2183
749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089
754ea1703a3c9887a41967ea77314d2098af6408ac82b1d1e80c3dcdf110f864
7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982
7db06ad3e7d27d5bcc7756be13187e53eaf84c0c2f554c15be8e06bf66964a5d
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7faea6864c9684f0fc2d2b09c3395816e336ded13fba0e567ad58abffdff1c5c
834178be7531c3671c04ee17ed3d07bbae076250a85a592c479cef06a1c391e1
83871cfa6c7734a9fa4c949e70d22cc24d94b1afdff688beedfb731894ab1db9
8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
8d78db723525608769c8e1eb692eb211d6464b6f77e4c500ad42f01ebe52d8f0
9089d5268117912b0b36280daf10b247a07e88b9f3ece65e76fc1423612b3ac0
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
982a1fdc4ab4427b67faee8088e70c635cd236d103c5b174493e073c4fc75525
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9ff189b7232ea907669cf4baaa0021acb799dcc2c8fe3b6ed0faa90c22229944
a049e9e7837822045714ace58cd093d8bce2eaf4007c2d6e130afe9e5ae91165
a2147ace43a26e238de98888bf028931880d4222c3bb98ac45f6b5fb40de476d
a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4
aa14dd4536c7173d45805b0303b20fc2c3182b8ed2d56e71965d08ac369f9269
ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5
ad31d8541aaf027a28bd2dc74418c2a77d8e08297e9f103b03ba000369c551fc
aede223fbd411c02e943add5c45339e83b87055f055b1e522b7f1f64d503329e
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b392f4c0327638bdf4829eaab565d271b13284916587af3c920a4b7786771faa
b77399ad08de35e83b7bbe01bf0936f38b24496700dc26cb12f9df50a5c045f3
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b82b6c2233a19a2b2a2521515d2098e6359cd2ea16ccbacec97e883ad6b6c111
bc405a7e06498e5d7799f25c6950dcba4eb44b067fa0edf98c4c8640eab35ce7
bcb5b22800ba82c3dcc7121c7ab8c8a021ee35ae96994a607f0957af75f35ef7
bd70e0da641d447f4e900e5611ca1790f97ce99cef01cf58e88ba0d025350fb3
c2976f088fd5164361d3442f51e638416b5a89d0a1c4e8c6c37b8cc9ef36a151
c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6
c6fbafe942a20aafc069f8e089f2bf67adb05961b26a71bba56adff485422b40
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
cf731e79b55afcc0696a0e8604d8d6107e1a7aefd065ee659f8a1f7b75ffdfd7
d017e5e0b1b46d9e85200deb17573d2742de0deb101a7410062c2df8d3a0e138
d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
ddb7a5ea98e19a61ce5ce7e934963b4325a6da5e6b530f6433beade948539a4d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e106472972bdecc9a2188aa416f8d2caa42243cdd34d3c273aab333cac424dc2
e1f9b68c5305fd99b771611177ea38b822e5e3cffbf040e0488861dc7ff445ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467639db7415037f9cecdf6d5e1c1d236a6df0dd987235de7b4960bb7ccb583
e6aff4dab85bf040f718730c994ac9f90b56f96b8fa7bb238990f323d0aa9532
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
eb365de41c99f002d621030f1ed923378b7e02880f0e6446258d33306f594570
ed68ee6abed42d31062a10530914a8e4c3f938e55e330fcd8162032d0d1167bf
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1
f13cb9a35084f62acfa468cbd2cd73ffe185af7d701d698ede44f585395731f6
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
fe099a9ad1d41fb1c32543d7821d24d9d6651d0dd3d4aa09a05cc7922e91afc7

ch-rambouillet.mstaff.co Open in urlscan Pro 18.66.147.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

98 %HTTPS

60 %IPv6

24 Domains

35 Subdomains

35 IPs

5 Countries

7277 kBTransfer

12319 kBSize

29 Cookies

9 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ch-rambouillet.mstaff.co Open in urlscan Pro
18.66.147.92 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

98 %
HTTPS

60 %
IPv6

24
Domains

35
Subdomains

35
IPs

5
Countries

7277 kB
Transfer

12319 kB
Size

29
Cookies

132 HTTP transactions
1 data transactions