www.kisseo.com Open in urlscan Pro
212.129.31.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tracking.kisseo.com/tracking/click?d=2EFAbtILZ_P34VaVJIiXYRhTDwDVSBydJrK0VYUM8H3_0gph0c16hNubQPFrKPqUW_N5lIPr4cwjfe1...
Effective URL:
https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmF...
Submission Tags: falconsandbox
Submission: On January 20 via api (January 20th 2021, 7:16:18 pm UTC) from US

Summary HTTP 60 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 60 HTTP transactions. The main IP is 212.129.31.238, located in Argenteuil, France and belongs to Online SAS, FR. The main domain is www.kisseo.com.
TLS certificate: Issued by R3 on December 4th 2020. Valid for: 3 months.

This is the only time www.kisseo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.134.188.169 91.134.188.169	16276 (OVH) (OVH)
4	212.129.31.238 212.129.31.238	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
34	2606:4700:20:... 2606:4700:20::681a:8c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
60	11

1 91.134.188.169 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: api.elasticemail.com

tracking.kisseo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.129.31.238 (Argenteuil, France)

ASN12876 (Online SAS, FR)
PTR: lb.dromadaire.com

www.kisseo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:20::681a:8c0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.drostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	drostatic.com www.drostatic.com	4 MB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
5	kisseo.com 1 redirects tracking.kisseo.com www.kisseo.com	331 KB
4	gstatic.com fonts.gstatic.com	120 KB
3	doubleclick.net googleads.g.doubleclick.net
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	243 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	638 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	googleapis.com fonts.googleapis.com	784 B
60	12

	Domain	Requested by
34	www.drostatic.com	www.kisseo.com
5	pagead2.googlesyndication.com	www.kisseo.com pagead2.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com www.kisseo.com
4	www.kisseo.com	www.kisseo.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.kisseo.com www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	maxcdn.bootstrapcdn.com	www.kisseo.com
1	fonts.googleapis.com	www.kisseo.com
1	tracking.kisseo.com	1 redirects
60	14

This site contains links to these domains. Also see Links.

Domain
www.kisseo.es
www.dromadaire.com
www.kisseo.de
www.kisseo.it
www.aventers.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
kisseo.com R3	`2020-12-04` - `2021-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
Frame ID: 5ED2B369381AC1325C868021B4BC7ED7
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html
Frame ID: 9AE9FC304E7AB81FC2F30844C1E57A04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7680233355820537&output=html&h=90&slotname=6712357842&adk=189486802&adf=283436930&pi=t.ma~as.6712357842&w=728&lmt=1611170156&psa=0&format=728x90&url=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&flash=0&wgl=1&dt=1611170156628&bpp=18&bdt=484&idt=88&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6598955535891&frm=20&pv=2&ga_vid=505491319.1611170157&ga_sid=1611170157&ga_hid=1284523894&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=522293187129093&pem=292&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=PTkf8Ox0jm&p=https%3A//www.kisseo.com&dtd=154
Frame ID: 33F3C68F4CAEC4910AC193450BFD03A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7680233355820537&output=html&adk=1812271804&adf=3025194257&lmt=1611170156&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&ea=0&flash=0&pra=7&wgl=1&dt=1611170156646&bpp=3&bdt=502&idt=151&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6598955535891&frm=20&pv=1&ga_vid=505491319.1611170157&ga_sid=1611170157&ga_hid=1284523894&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=522293187129093&pem=292&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162
Frame ID: 219F8DC1686177C73848BE8E7487812E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 639B6D73D92278DD4DA2086386920368
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tracking.kisseo.com/tracking/click?d=2EFAbtILZ_P34VaVJIiXYRhTDwDVSBydJrK0VYUM8H3_0gph0c16hNubQPF... HTTP 302
https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmF... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

60
Requests

100 %
HTTPS

73 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

4844 kB
Transfer

6458 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kisseo.es/
Title: En Español

Search URL Search Domain Scan URL

URL: https://www.dromadaire.com/
Title: En Français

Search URL Search Domain Scan URL

URL: https://www.kisseo.de/
Title: Auf Deutsch

Search URL Search Domain Scan URL

URL: https://www.kisseo.it/
Title: In Italiano

Search URL Search Domain Scan URL

URL: http://www.aventers.com/
Title: Aventers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kisseo
Title: like us on facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/kisseo
Title: follow us on Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tracking.kisseo.com/tracking/click?d=2EFAbtILZ_P34VaVJIiXYRhTDwDVSBydJrK0VYUM8H3_0gph0c16hNubQPFrKPqUW_N5lIPr4cwjfe1kkBXI-zCO-0EP8-XNx1t8SZfxZogn6rnCH3QoZJiV_NsEv4qqTo2ulwhQiLc42PBUFiUDSuwa_o1zb6DVWTrWBUInh7ivvD7dXMhuxDNzNQ3rIYxQwtUw5hvZGfJt2-APIELJGQ_wlRm-lDnhIs0ZO9HghHy-EXeJBK6dcjZR_TWMWXQ0CY8dlH4FIjZPOz_gD0r1Kq5XfeK_NoIeDG6uQy3xRG_YIQsLls6V5LBmzK8WPmRR2NbAlCUDqyoyWCy2HA8EjtBbi7Wp83bQ5xkULDnGdtdmwdYVbAhFg4DByrYgAZqPVQ2 HTTP 302
https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.kisseo.com/post/view/
Redirect Chain

http://tracking.kisseo.com/tracking/click?d=2EFAbtILZ_P34VaVJIiXYRhTDwDVSBydJrK0VYUM8H3_0gph0c16hNubQPFrKPqUW_N5lIPr4cwjfe1kkBXI-zCO-0EP8-XNx1t8SZfxZogn6rnCH3QoZJiV_NsEv4qqTo2ulwhQiLc42PBUFiUDSuwa_...
https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_dest...

26 KB
7 KB

210ms
98ms

Document
text/html

212.129.31.238
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.31.238 Argenteuil, France, ASN12876 (Online SAS, FR),

Reverse DNS

lb.dromadaire.com

Software

nginx /

Resource Hash

ef266111619a4c24db3b99f846bec8de3f4cd08cc1bac6a28312e5997a757d59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.kisseo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Set-Cookie: __Secure-PHPSESSID=2ka19r45i4skna93lvdvbdhio7; path=/; secure; HttpOnly
Cache-Control: max-age=0, public
Date: Wed, 20 Jan 2021 19:15:56 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Content-Security-Policy: frame-ancestors self
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-ElasticEmail-ApiKey, X-ElasticEmail-BrowserToken, X-ElasticEmail-ImpersonateAs
Access-Control-Expose-Headers: X-ElasticEmail-BrowserToken, X-Total-Count, X-ElasticEmail-AccessToken
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 20 Jan 2021 19:15:55 GMT
Content-Length: 334

GET
H2 200 css
fonts.googleapis.com/ 6 KB
784 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700|Grand+Hotel|Dosis:400,600|Dancing+Script:400,700

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11d51bd6867f1701a17c8476f72335a6e6c47212493f6b881ce08c1baabbe835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jan 2021 19:15:56 GMT
server: ESF
date: Wed, 20 Jan 2021 19:15:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Jan 2021 19:15:56 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 9ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6662

GET
H/1.1 200
OK styles-1611154634.css
www.kisseo.com/css/ 578 KB
85 KB 134ms
63ms Stylesheet
text/css 212.129.31.238
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kisseo.com/css/styles-1611154634.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.31.238 Argenteuil, France, ASN12876 (Online SAS, FR),

Reverse DNS

lb.dromadaire.com

Software

nginx /

Resource Hash

1cb9396b585be7bcc9528e912516d6339c26e72d597a2ceff9a1379c328ee5bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 20 Jan 2021 19:15:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 18 Dec 2020 13:01:22 GMT
Server: nginx
ETag: W/"5fdca822-90619"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: close
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors self
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-XSS-Protection: 1; mode=block

GET
H2 200 logo-kisseo-hd.png
www.drostatic.com/images/kisseo/de/2013/ 3 KB
3 KB 52ms
15ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/kisseo/de/2013/logo-kisseo-hd.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2968626d820be93eb14d89f9a752527aa5e58ceb78ffff41993fbc1d3938052e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a72098-1599"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 425855
cf-polished: origFmt=png, origSize=5529
content-disposition: inline; filename="logo-kisseo-hd.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2632
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:31:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1jHbMIBNiVSIbReOM5dcjhVkUPXJV7gonnOuoNxRo2rfCdXUtl7QmNMxNoVkFfR7GMiMwKe2tDm56%2BwXRe%2B2RcCPkT8%2BTzNFHRpdGSDmzlay7J%2B8qA5GSMXX1xNC5Q%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a75d000005f5ab91b000000001
accept-ranges: bytes
cf-ray: 614b20856fd305f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17735_print.jpg
www.drostatic.com/dc/ 249 KB
250 KB 192ms
156ms Image
image/jpeg 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17735_print.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ecd986782e708bda446ae3b0a11f7396832150ed5d3caf962e79baf9de6583d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 255231
cf-request-id: 07c2d2a760000005f5651ce000000001
last-modified: Wed, 30 Aug 2017 20:26:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f70-3e4ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CLujL4KGgHCE9kQy1ZmfCzFzf%2F5%2Bhv6AKAiszVcOs0mG3oQNRECYz36oNnsrZo06XTCQNqn0hsJ1EFs06ZstkxGRgPaQ9zHpkXFQthu%2FKaLNPqWIFcgncxKKLD4Mmg%3D%3D"}]}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
accept-ranges: bytes
cf-ray: 614b20856fdc05f5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kisseo-us-view-respond.jpg
www.drostatic.com/images/kisseo/us/ 21 KB
22 KB 54ms
18ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/kisseo/us/kisseo-us-view-respond.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48fb3b1f1cce16a2520159fa61bca651553b38f9015547ebe415a3eba752fddc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "5ab51507-6621"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 562544
cf-polished: origFmt=jpeg, origSize=26145
content-disposition: inline; filename="kisseo-us-view-respond.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 21864
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Mar 2018 14:53:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2FxJ2OGrmdY8V%2BLvY09GMJ4eaRQWWPMRhH2ZjA0Cc9%2F8K9aoh5fRn9habx8zAFtO3HyvpyO1hCn16bVPoNSZ3Ukl%2FvU3AZ1YUVVa2NqbPNfKlabk2q7YvTDyMGWpgA%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a75e000005f5ac0eb000000001
accept-ranges: bytes
cf-ray: 614b20856fdf05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18177p.gif
www.drostatic.com/dc/ 18 KB
19 KB 60ms
24ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18177p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62d95221d7ec03d6d27d89c313cb51357a3df79f356348833b71e1b27a08591d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 414688
cf-polished: origSize=19819, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 18577
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f72-4d6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5EPbSV%2BqXVXkDrudVXK8su6kM9mtvpZa9t%2BzPrcr42565kYDKenv0bd%2BBsQw8uxDZsDvJ9qHD%2FMgPnxkkHPFhKeTJJAShu95A%2BjZ%2FnNYP7dDtdAGq%2F%2FVb5LBBrk0hQ%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a75e000005f5510ce000000001
accept-ranges: bytes
cf-ray: 614b20856fe105f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17460p.gif
www.drostatic.com/dc/ 26 KB
27 KB 64ms
29ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17460p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e8a06dce2aeae3741fb30716727f4fd0ae664093a9f5042d4ea413d8f69d2c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1601278
cf-polished: origSize=27987, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 26663
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f6d-6d53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qYnZ61ctC3lbTr17g6Snz5mofL0wenuMtXE78M66yKqEhNW7629pWV02425mjGwp%2BvI00%2BzjBSIvb9ZdXh8nJTZDeQFz5ctHcvp%2Bb5iN%2FXJ%2BouQ4HvvmFYvYoC8uhQ%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a75e000005f551a71000000001
accept-ranges: bytes
cf-ray: 614b20856fe405f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17351p.gif
www.drostatic.com/dc/ 30 KB
31 KB 51ms
16ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17351p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

233cb06c56ab1034035291cb905c5d10257c8038fdc5ceb8ecccd1ac80be514f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1425001
cf-polished: origSize=32083, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 31184
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f6d-7d53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M%2Bx%2BRcykaodM365KLupSm3kflvd%2BsDPglwu0StaS%2BgQBRyu6Iz2QkDXNyNYOf0Gj4jfS9gWJZPCREJrykgDLP8DX1irR4tuWMZu3WA9p0FLaxT%2BLZhWwH65eO1I4OA%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a75e000005f5be915000000001
accept-ranges: bytes
cf-ray: 614b20856fe605f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 11700p.gif
www.drostatic.com/dc/ 26 KB
27 KB 37ms
34ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/11700p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a585d7023c444dd342996bf2ce3f161e3f06dabfb765023c06633a76cbb3200

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 407663
cf-polished: origSize=28514, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 27056
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:25:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f4d-6f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B8f5ntV70Lfif5nNyqiQsCv%2BM%2BASCf8v2fHHgs%2BqbCF56EmwWTR2kL8EExGppfpvpVtwcB2gXdI2qhnMWBHtMuAebVxWhaJ3Zs2mHucPJOWvEWDNwxHbcbut9clngw%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a75f000005f541971000000001
accept-ranges: bytes
cf-ray: 614b20856fea05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17675p.gif
www.drostatic.com/dc/ 22 KB
22 KB 26ms
24ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17675p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea310d11226e7b924efeb3f899b0a61ba3778cab60c57c8021341ab7ec738f6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 561315
cf-polished: origSize=23997, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 22290
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f6e-5dbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MnrNPnK4uCIMl39u4BN0SJqkIbuXLiRJUa9qF%2FvoYAh3cBLtcpYQKrHJN%2B4dGebplaCtkON42WvQldTIK0Ai3HDhg1f3X6DcGYyNsl44YTpXjnob44cPJnAQzb%2FGoA%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a75f000005f58486d000000001
accept-ranges: bytes
cf-ray: 614b20856fed05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17605p.gif
www.drostatic.com/dc/ 14 KB
14 KB 31ms
28ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17605p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bc2e7bd89c2e7fa8da332f9cdb55335d7d8b67e18b644285210d9b15fdfea7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2120650
cf-polished: origSize=15101, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 14024
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f6e-3afd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ADL7CTkozaVtkjbCYNyVbjyzDu307yWRgKN%2FTCh7uuai7E8%2B5%2BF3MV7nO4rSQt%2FjwJWQQNWXwKPC2Bmyt9crq1PcC2yLQlYRka8z1%2BpMeyR8dlYzmQ8o5OQeclzxAA%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a75f000005f551a72000000001
accept-ranges: bytes
cf-ray: 614b20856ff005f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 16508p.gif
www.drostatic.com/dc/ 22 KB
22 KB 29ms
26ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/16508p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f75ff03ffff98b0d1785d09767db79fb08d72cf16728ad88b314d7a6c857724

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2120650
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 22464
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f67-57c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NmZFLvt%2Bi48Gcryw8HyjBp%2FVOZE0hcWh5DCBn7Xbo%2BJbQP2j16DTu8rGQP11TQdIr8ZoBs%2BZA9aOEJ7ftiTLlGRv5F3YLw9D%2FjBRTLIi70MnEXFmjr0yuhSRCthauQ%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a760000005f54c868000000001
accept-ranges: bytes
cf-ray: 614b20856ff205f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 16430p.gif
www.drostatic.com/dc/ 25 KB
25 KB 25ms
23ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/16430p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cbf31d45f8852ae7dc0db6fa77b5a5cad57ca84962c3f5da58428214feea6ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 393556
cf-polished: origSize=26007, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 25508
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f65-6597"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UoHA6SlSb%2FLuqVIf0DkQrNZU5cHHG4uvekHp6gYLQNqWh7%2BIkCAVaSqnsuIKdlb%2BWq%2B0c4EpAPbqOrE6qfJHnfZGZXkvkY3dgqsuoJK9MzHlQUb%2Fzh01yncJ%2F32Oug%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a760000005f5b9b61000000001
accept-ranges: bytes
cf-ray: 614b20856ff505f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17549p.gif
www.drostatic.com/dc/ 38 KB
38 KB 19ms
17ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17549p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b416e69aee060df05f791dc434c7e6c79e5b733288d525e715a10f084811ef86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1771152
cf-polished: origSize=40223, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 38751
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f6d-9d1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=39oVzryQakLXyFvQhjTALpFw5wCRokbrlPkFf8gcS4yUuccxpX5umuoneNPZBYRVUUqreWYHq8t9Z5WjdAPBP2dtrecZI59roLTuoNJsqT%2F161Ilen%2Bsh7%2BckP7iBg%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a760000005f549876000000001
accept-ranges: bytes
cf-ray: 614b20856ff705f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18270p.gif
www.drostatic.com/dc/ 14 KB
15 KB 27ms
25ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18270p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a786332654d3c8ec4e9307562b820aef300dc217e16d1a525798b150aa783d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859093
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 14522
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f72-38ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HJnSXGfTPZYn6yOrlBC3Fae5wMHw2XHSQnHx4GE1TlfmCsmX9%2FW963IqlCgUiXqhkeWLq%2Frj6dBfZQjcXVk9tpXYAQh5Z%2B5%2BsCIzrDEcIK2snG%2FiPfDjUYDdEcwKWw%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a760000005f55e10e000000001
accept-ranges: bytes
cf-ray: 614b20856ffa05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18683p.gif
www.drostatic.com/dc/ 54 KB
54 KB 37ms
35ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18683p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d5b636731f60b3994deb4b03608279bb9b5bb5f229fa42871bd0bc78aba970

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 559022
cf-polished: origSize=56996, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 54982
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Sep 2018 09:18:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5badf1cc-dea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=19092W9l7xvLHoOX6vRX237003OrSpTfFSrRPWihkccVuhM8sIvmNnUf7XoIvQ5llHjbS%2FXS2xur3Vi9rNsr7I9VUjuPNBpBZbDOQ6QWWlpF7VH2s43dV4LEN3An1Q%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a760000005f5b0a61000000001
accept-ranges: bytes
cf-ray: 614b20856ffc05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18658p.gif
www.drostatic.com/dc/ 11 KB
11 KB 26ms
23ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18658p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9d665d07499f0fb55d32f98f916c90fc1154f4f7c94c9a458e85ac9032094e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a71f73-382f"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 407663
cf-polished: origFmt=gif, origSize=14383
content-disposition: inline; filename="18658p.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 10878
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CbjmlTdKQfIcHpJYXFQPlyM057QckfcpBi6Aid3zvsNUeClq35PrIPxUYO0W8eWpTfXJfXZbihF9mqpmIBWdwZnh0khltiDci9feSv4JvXQAJ0CaUicX3KylCaI5Xw%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a763000005f5be916000000001
accept-ranges: bytes
cf-ray: 614b2085680005f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18535p.gif
www.drostatic.com/dc/ 17 KB
18 KB 23ms
21ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18535p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a5225f26eb3577de31215894ff2d4cd528e74ff8ef2b3899172d9d8137749b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 559022
cf-polished: origSize=24022, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 17766
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f73-5dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R5xINoTOcBEPzr2hCqKtLsICVBHLsUHbB5ZSnWzvMLHq5apWA5sVhcxHFpH9CPDH4JPrG8FZU6dhePGXHgjc8iG2B7uIkiLTgfXnp6NDIaqV8G736NVcxFQ4Td1mJg%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a761000005f5a5299000000001
accept-ranges: bytes
cf-ray: 614b2085680205f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17597p.gif
www.drostatic.com/dc/ 39 KB
39 KB 25ms
22ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17597p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff0bd3fb994965e68e66032063720023a703ce2b96820aa07fd7a1ebed9db2f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 559022
cf-polished: origSize=40947, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 39952
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f6d-9ff3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cz5D%2FTDW2OpkyaHOGYScJyYA83OMzi%2FKkbn9OBgy9PMBh8fUxn1dzxipcHgD7g8BGrHKr96Fd4Z80bJEHyT5rBtjphDpGQZj83giu%2Fcd16MqzQ4Q6guS4o8r03FLLw%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a761000005f5791c7000000001
accept-ranges: bytes
cf-ray: 614b2085680505f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 17742p.gif
www.drostatic.com/dc/ 45 KB
46 KB 30ms
28ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/17742p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a08717fb13fa67d3111599e8bc92f696e530f0bed6914dc8428cbeef3f57d2ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 559022
cf-polished: origSize=47331, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 46527
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f70-b8e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=28%2FzbGUWPQx3A4rVYRTVSpkRp2x19ElfyV6JeyBzjfjQGyLdf3pkkOk6YIVrSmyD95YMn4VXvD9SaLK3VIuZ1jLdWKxEEBO01Xz1vqPq3lQdGAVv9sO9UfaAkUv%2FVA%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a764000005f5591a5000000001
accept-ranges: bytes
cf-ray: 614b2085680705f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18283p.gif
www.drostatic.com/dc/ 27 KB
27 KB 24ms
22ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18283p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e31cf5e0adc6b5dc946a1bad9c1c8a9609cb1fc7d6bb749275c91fb56dc3c49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1429531
cf-polished: status=not_needed
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 27208
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f72-6a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8WQXlMQwfQh3uEvkzTSoG8jhruOmRaDHAtuB0ZcPHIHbRCG%2Bcu8p%2FZav1U3EecUc65vkW4F2PyXC8SPFKcno1j9fBXCtYJvSNlO%2Ba%2FBfSu9uxywZvIRQWQJiKz5JUw%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a762000005f5b03c7000000001
accept-ranges: bytes
cf-ray: 614b2085680b05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18709p.gif
www.drostatic.com/dc/ 47 KB
47 KB 27ms
24ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18709p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6708d18e77fbf7a55960250d081b1043d4288b07258e8212a583b94c4b03c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2120650
cf-polished: origSize=49809, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 47836
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jul 2018 10:41:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b5eeb6f-c291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S60fenRfAN25rWQD3OUMjFId0ns99E9GXDcR%2BIO4ZJ1M9cQ1USI%2BnkHa9eN1my0wFZlNrXUHHuT6zdxR5QfUs1m5Uxc2xTvUcVYM90sUv%2FKmM8mFMnLjBaYiL3QgcQ%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a762000005f58f377000000001
accept-ranges: bytes
cf-ray: 614b2085680e05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18716p.gif
www.drostatic.com/dc/ 20 KB
21 KB 29ms
27ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18716p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6feba2119854adf8d83783f1922e3f16ae3d1058618e1733aba2697aef5389

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "5a6f31cb-cb51"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 425656
cf-polished: origFmt=jpeg, origSize=52049
content-disposition: inline; filename="18716p.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 20814
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jan 2018 14:38:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fh1WzQmRJTSoq2dDyyyL8WAKAB0CXFFf6h0hAqujF5u5ysa6sUGTDJDc6JakNFpSiI2fEKgPxhwfDhl%2Be5YfsKd4eBBhyamBTQKXWtyYvx2Y2E3Sf1o45e%2BB7W0EOQ%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a762000005f57230a000000001
accept-ranges: bytes
cf-ray: 614b2085681105f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 18307p.gif
www.drostatic.com/dc/ 46 KB
46 KB 41ms
38ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/18307p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88e5bde7c65e3ef0a56b7af3987f47189dcc8f338f7361c2ecd7119ccd6da5d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a71f72-dc29"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 221092
cf-polished: origFmt=gif, origSize=56361
content-disposition: inline; filename="18307p.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 46606
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BP2KeeCP55PQpR6XvpLGQG8sU4S1KJxyhVySYBSHXOnNWAG5cWD99g6hpBrl6NDql4r9RARRzLbtR4q19V9XNwNKBYJkXo6uRNVjj%2FpB%2Bi9Sb0GZRqNuU92jMnN%2Fag%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a762000005f570169000000001
accept-ranges: bytes
cf-ray: 614b2085681505f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 16427p.gif
www.drostatic.com/dc/ 28 KB
28 KB 25ms
23ms Image
image/gif 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dc/16427p.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2722825cb20ae7e91f470a682457ca671909035ea2cde5af96874a51d6375f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1683483
cf-polished: origSize=29369, status=webp_bigger
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 28424
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:26:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a71f65-72b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QkR536fz%2F%2B%2FXWfoEo0H0BukXh9FnB17zK7J7yCAv9nFOxqnMuElOTHcqyAskG6ua%2F5UzWklJNOaqU8dwqDUglMDOUiLtPVv6AfsC5M5%2FZ5kkVk8yFYRIG4IHROcsnw%3D%3D"}]}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 07c2d2a762000005f542303000000001
accept-ranges: bytes
cf-ray: 614b2085681805f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c685db1a28aa02aa1b43f51d4a85e823a140760be641d58559ee796a3739ff2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47567
x-xss-protection: 0
server: cafe
etag: 506700201699315331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Jan 2021 19:15:56 GMT

GET
H2 200 logo-kisseo.png
www.drostatic.com/images/kisseo/de/2013/ 1 KB
1 KB 37ms
35ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/kisseo/de/2013/logo-kisseo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee37d66730475957fcf39e1c79a9b0fac1658004312e74fa5376ddf6d7b6a674

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a72098-a1d"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 427297
cf-polished: origFmt=png, origSize=2589
content-disposition: inline; filename="logo-kisseo.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1070
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:31:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SoU1UAreQXCA2NDETFpVMPZ3wOL0QDlPJ3G5ERQO6lnUE7JZluhGEekwWjX3gMw%2BtdVsSSALE2OfE9wPRplCb4GSpGI7FJc59VnsaXXa4yd1cAxVCNQAMBOtYCrLKA%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a769000005f551a74000000001
accept-ranges: bytes
cf-ray: 614b2085681b05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 ico-fb.png
www.drostatic.com/images/dromadaire/v2013/common/ 448 B
850 B 36ms
33ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2013/common/ico-fb.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d726d50ff769a7634cb55467852b75b41e274e5aeca5ef9109630e51f7537f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a72092-6d7"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 17509
cf-polished: origFmt=png, origSize=1751
content-disposition: inline; filename="ico-fb.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 448
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:31:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FORPRqXPp7VmpBZpG28TwVRHphrRjtoqr50zjK1pYXkdQm56kzcqX0BzaFI0JD0tyXDFSAjUFUcAx3Rb2QwF6CRNA7l43yV5TqfDXvgwR%2BwCDoyI1wvVskrqaKkuJQ%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a763000005f5ab0e3000000001
accept-ranges: bytes
cf-ray: 614b2085681e05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 ico-twitter.png
www.drostatic.com/images/dromadaire/v2013/common/ 954 B
1 KB 26ms
24ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2013/common/ico-twitter.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ab72f82ee0a886ee2c1fa4e770ceee748a5a1d0a42c182cb7e885c9c463fe5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a72092-b82"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 559022
cf-polished: origFmt=png, origSize=2946
content-disposition: inline; filename="ico-twitter.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 954
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:31:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FqgRQ8l0JdyUfP3KNVDIbzWLni4jTG7r6Qzu%2BOz9gpHqnAToAGX%2BMPtRocnvDHji4OHI7Dgs7SLSjJucXA4vodpCtouvAY9LKeHYK8zlsxhAz%2BAClXahQ1fK5%2FMt3Q%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a763000005f595ac2000000001
accept-ranges: bytes
cf-ray: 614b2085682005f5-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK scripts-1611154634.js Show response
www.kisseo.com/js/ 928 KB
236 KB 133ms
65ms Script
application/javascript 212.129.31.238
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kisseo.com/js/scripts-1611154634.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.31.238 Argenteuil, France, ASN12876 (Online SAS, FR),

Reverse DNS

lb.dromadaire.com

Software

nginx /

Resource Hash

c68f367e61c28ee258595cfdcf6d8a2e626530384350659c120b4da03902b427

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 20 Jan 2021 19:15:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 20 Jan 2021 14:57:47 GMT
Server: nginx
ETag: W/"600844eb-e8155"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: close
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors self
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cookiechoices.js Show response
www.kisseo.com/js/ 6 KB
2 KB 111ms
43ms Script
application/javascript 212.129.31.238
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kisseo.com/js/cookiechoices.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.31.238 Argenteuil, France, ASN12876 (Online SAS, FR),

Reverse DNS

lb.dromadaire.com

Software

nginx /

Resource Hash

cae5c2fb988c50614ef09b61f450207bc89106a8fe705c031325466b100f20b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 20 Jan 2021 19:15:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Dec 2020 20:46:41 GMT
Server: nginx
ETag: W/"5fdbc3b1-16fa"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: close
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors self
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-XSS-Protection: 1; mode=block

GET
H2 200 glyphicons-halflings.png
www.drostatic.com/images/dromadaire/v2012/my/ico/ 9 KB
10 KB 28ms
26ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2012/my/ico/glyphicons-halflings.png

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

419a7a9a690d82e23c33f1d4a0fb1803279738bf078ab0935d106f687e234e12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a72092-31ff"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 424834
cf-polished: origFmt=png, origSize=12799
content-disposition: inline; filename="glyphicons-halflings.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 9340
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:31:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FO%2B%2FLABWE%2Bs%2FDc37pBoOku4wyceIXI8q2zsW9yqr%2F4DGkR0Is2c9go0t1FOGf6Y5FwlW2ig5sf4zZq2zsRSCMCf%2FJk%2BiX31TqOESpwhSGR1aTQPMRSTKnAyEi9m2yA%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a765000005f55e10f000000001
accept-ranges: bytes
cf-ray: 614b2085682505f5-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sprite_fleches.png
www.drostatic.com/images/dromadaire/v2013/home/ 3 KB
4 KB 36ms
34ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2013/home/sprite_fleches.png

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0591071d12e737dd830719a48b186369b4692b10e349097d9123c2bc8972dd32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59a72092-173b"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 425673
cf-polished: origFmt=png, origSize=5947
content-disposition: inline; filename="sprite_fleches.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3446
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Aug 2017 20:31:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u8ZPxyyg0dDhJdl4jYf0DnIL6leeguV7SEfwo7bQfnRYYGsfixkAIXklLo4JDarwYm9pK5iZInp0ZTBwX%2BugwUF3P%2BNtya3brczfy7ALKg9c6tI1Hq7n29FwFS7v3g%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a768000005f5a1aee000000001
accept-ranges: bytes
cf-ray: 614b2085682c05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 HhyaU5sn9vOmLzloC_WoEoZK.woff2
fonts.gstatic.com/s/dosis/v18/ 28 KB
28 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v18/HhyaU5sn9vOmLzloC_WoEoZK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Grand+Hotel|Dosis:400,600|Dancing+Script:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607974e31ad67a1d71fd50dffaff14c2450d90cf88cb9ac8c145cbc4be15e61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kisseo.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700|Grand+Hotel|Dosis:400,600|Dancing+Script:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 08:58:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:40:26 GMT
server: sffe
age: 382625
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28452
x-xss-protection: 0
expires: Sun, 16 Jan 2022 08:58:51 GMT

GET
H2 200 S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v17/ 59 KB
30 KB 9ms
8ms Font
font/ttf 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wWw.ttf

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acb428bb824a7f7d865446caa0fe1f6885aa0723e43848042f51db37f0926f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kisseo.com
Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 14:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16070
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30307
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:47 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jan 2022 14:48:06 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v17/ 58 KB
29 KB 8ms
6ms Font
font/ttf 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPHA.ttf

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b44938bc5bcb4c2a08ca8a762ec10566c66026f40704f13cb47e370b5c8e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kisseo.com
Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 18:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349183
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29795
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jan 2022 18:16:13 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPHA.ttf
fonts.gstatic.com/s/lato/v17/ 62 KB
33 KB 10ms
9ms Font
font/ttf 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPHA.ttf

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1fd91d8a429d51fb8df45a0a16dbc19dfa4b89d40cab7ee81ba68edb6ad58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kisseo.com
Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 18 Jan 2021 11:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202412
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33653
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:05 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jan 2022 11:02:24 GMT

GET
H2 200 notera.ttf
www.drostatic.com/fonts/notera/ 135 KB
136 KB 77ms
55ms Font
application/octet-stream 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.drostatic.com/fonts/notera/notera.ttf

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ea272f02f9358ca3b5ddefe5b4017340346a95094cd6ec77c7ae8f1a5a3ab96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.kisseo.com
Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1944424
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 138136
cf-request-id: 07c2d2a7670000d6e1953b9000000001
last-modified: Mon, 19 Mar 2018 11:32:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5aaf9fd3-21b98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fv7sfH47xgVuFxknsGbOtDxn%2FJJY6nIfS4Xbsd7pN%2B%2FaEiPlhtSfIUlE62sRMXYq8fUeminzWTDRMm5a8AqXXb17Rjf5S%2FgHqeBsCxAbCK%2BhIwngObFb0%2BH1w6cE1g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
accept-ranges: bytes
cf-ray: 614b20856ae5d6e1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 17735.mp4
www.drostatic.com/mobile/video/ 3 MB
3 MB 94ms
93ms Media
video/mp4 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.drostatic.com/mobile/video/17735.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95d004b3bd9e8a2396dc8ce6119e4b253f0de253afdbb76669d3536bd0859b64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-3254582/3254583
Content-Length: 3254583
cf-request-id: 07c2d2a7c4000005f56d09a000000001
last-modified: Wed, 30 Aug 2017 20:34:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "59a7213d-31a937"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sSBntBfZ0kuImGRIiRAO%2BFIs8iNKdhdPiZ9bTXnY3fJTfIjf8P8ey52NOh59FCLebWm4u%2Fu5UdZqHOVP0ZFVGNTZ4ObbD4mJh1WonIfhjcwAqGf6zB9wRWusEt%2BaqA%3D%3D"}]}
content-type: video/mp4
x-xss-protection: 1; mode=block
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-ray: 614b20860a6305f5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6984
date: Wed, 20 Jan 2021 17:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 20 Jan 2021 19:19:32 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dro-foot-kisseo-flag-fr.png
www.drostatic.com/images/dromadaire/v2017/flags/ 190 B
735 B 22ms
21ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2017/flags/dro-foot-kisseo-flag-fr.png

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f46baeee254f6aafd8622ebea73eb99ab3f392e5d875f513a4d256c3a3ec914

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "5a212b94-457"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426872
cf-polished: origFmt=png, origSize=1111
content-disposition: inline; filename="dro-foot-kisseo-flag-fr.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 190
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Dec 2017 10:14:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjYdPcI5QRucSR%2Bw6xPHKrZ25dYwflNt%2FAJWQP11PqrVOFHwEUQrCdKpNt2AT0Y4izJ%2BdPktzaDWoA%2Bskpa33URBFw%2BETj8YcsRZ2mksveKk4mjHAza5FwltHOJUfg%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a816000005f57ab5e000000001
accept-ranges: bytes
cf-ray: 614b20868c4405f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dro-foot-kisseo-flag-de.png
www.drostatic.com/images/dromadaire/v2017/flags/ 110 B
655 B 25ms
24ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2017/flags/dro-foot-kisseo-flag-de.png

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c242475c96edd715dca68aa4143a5187315d5a382bc92e7ae8d9700e0a1251

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59fc8bba-3fe"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 433689
cf-polished: origFmt=png, origSize=1022
content-disposition: inline; filename="dro-foot-kisseo-flag-de.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 110
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Nov 2017 15:31:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vBVAB%2BrnSdEREIwsr8QfTGk2HEj9BYXoNiz1sOjrXmMSpGUmcYUQrggrGgj7qY3tTC%2FDH0vPl5Yt5Z%2B3FwR125Gd0hq9VRbYghiqJUSYx4ASk%2BTyDdEk%2FttkIeW8qQ%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a817000005f5ac109000000001
accept-ranges: bytes
cf-ray: 614b20868c4905f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dro-foot-kisseo-flag-es.png
www.drostatic.com/images/dromadaire/v2017/flags/ 666 B
1 KB 19ms
19ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2017/flags/dro-foot-kisseo-flag-es.png

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5730497ba86f0954b370190b0ab9f56cb1e8e7f7a3f54af4502b77f3fa30c5da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59fc8bba-6e8"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 435615
cf-polished: origFmt=png, origSize=1768
content-disposition: inline; filename="dro-foot-kisseo-flag-es.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 666
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Nov 2017 15:31:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w2%2Bk%2FmBEK4cfq40v4AtHjORRe5uki%2Fc6R9irUYSXcv2tWv3bwoORkuccbMPg2QS6sM%2Bq9ZHvZgTrygRnzOMWpaD%2FMOyxi%2Fb4v9xkA7QomIUBSzSe6w9Cnuocf7AMLw%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a817000005f58a1a6000000001
accept-ranges: bytes
cf-ray: 614b20868c4c05f5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dro-foot-kisseo-flag-it.png
www.drostatic.com/images/dromadaire/v2017/flags/ 102 B
475 B 24ms
23ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/images/dromadaire/v2017/flags/dro-foot-kisseo-flag-it.png

Requested by

Host: www.kisseo.com
URL: https://www.kisseo.com/css/styles-1611154634.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9afe805427988de3969f7096f281ab7f3fd6b94f204539b3162947446460f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kisseo.com/css/styles-1611154634.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "59fc8bba-3f7"
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 425438
cf-polished: origFmt=png, origSize=1015
content-disposition: inline; filename="dro-foot-kisseo-flag-it.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 102
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Nov 2017 15:31:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 20 Jan 2021 19:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z9xnV7tcLbsF9mSRKvZJuTszSecFmE4Gdm591CkbmX6d2iJCh76RZeT%2FfrsS2PBQqtAiUv3fMx1dx6YqAtVxiAeNdbr2FT731vQHhGXvoCqz7WDO0EqCJw63bx86Bw%3D%3D"}]}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 07c2d2a818000005f57335b000000001
accept-ranges: bytes
cf-ray: 614b20868c5105f5-FRA
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/ 228 KB
85 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61bef528f51b67951802ce74eedb99dda7b476671a1cacef80c4a8fe0a5633ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87099
x-xss-protection: 0
server: cafe
etag: 6583541633825610200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jan 2021 19:15:56 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/ Frame 9AE9 0
0 11ms
10ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210113/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 20 Jan 2021 02:52:04 GMT
expires: Wed, 03 Feb 2021 02:52:04 GMT
content-type: text/html; charset=UTF-8
etag: 12197657918578843409
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
age: 59032
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
387 B 66ms
14ms XHR
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1284523894&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&ul=en-us&de=UTF-8&dt=My%20card%20Christmas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1570305004&gjid=514894623&cid=505491319.1611170157&tid=UA-167163-10&_gid=1775772917.1611170157&_r=1&_slc=1&z=657231954

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Jan 2021 19:15:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kisseo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
638 B 122ms
33ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kisseo.com&callback=_gfp_s_&client=ca-pub-7680233355820537

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

9e464c0736f162bab8a9e74794b1dcc0d45249aa753e82914003e3087cab15f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 17ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kisseo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Jan 2021 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
243 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kisseo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Jan 2021 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 33F3 0
0 523ms
522ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7680233355820537&output=html&h=90&slotname=6712357842&adk=189486802&adf=283436930&pi=t.ma~as.6712357842&w=728&lmt=1611170156&psa=0&format=728x90&url=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&flash=0&wgl=1&dt=1611170156628&bpp=18&bdt=484&idt=88&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6598955535891&frm=20&pv=2&ga_vid=505491319.1611170157&ga_sid=1611170157&ga_hid=1284523894&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=522293187129093&pem=292&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=PTkf8Ox0jm&p=https%3A//www.kisseo.com&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8029834133569179898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8029834133569179898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMu5_sacq-4CFbwvrQYd7-kPrw&gqi=bIEIYISDNb2qngWZyqToBQ&layout=/sadbundle/%24csp%253Der3%24/8029834133569179898/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7680233355820537&output=html&h=90&slotname=6712357842&adk=189486802&adf=283436930&pi=t.ma~as.6712357842&w=728&lmt=1611170156&psa=0&format=728x90&url=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&flash=0&wgl=1&dt=1611170156628&bpp=18&bdt=484&idt=88&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6598955535891&frm=20&pv=2&ga_vid=505491319.1611170157&ga_sid=1611170157&ga_hid=1284523894&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=522293187129093&pem=292&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=PTkf8Ox0jm&p=https%3A//www.kisseo.com&dtd=154
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8029834133569179898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8029834133569179898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMu5_sacq-4CFbwvrQYd7-kPrw&gqi=bIEIYISDNb2qngWZyqToBQ&layout=/sadbundle/%24csp%253Der3%24/8029834133569179898/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Jan 2021 19:15:57 GMT
server: cafe
content-length: 31384
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Jan-2021 19:30:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 20 Jan 2021 19:15:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610714114181599"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28294
x-xss-protection: 0
expires: Wed, 20 Jan 2021 19:15:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
86 B 53ms
52ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&tn=DIV&id=cookieChoiceInfo&ign=false

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jan 2021 19:15:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 219F 0
0 213ms
212ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7680233355820537&output=html&adk=1812271804&adf=3025194257&lmt=1611170156&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&ea=0&flash=0&pra=7&wgl=1&dt=1611170156646&bpp=3&bdt=502&idt=151&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6598955535891&frm=20&pv=1&ga_vid=505491319.1611170157&ga_sid=1611170157&ga_hid=1284523894&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=522293187129093&pem=292&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7680233355820537&output=html&adk=1812271804&adf=3025194257&lmt=1611170156&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.kisseo.com%2Fpost%2Fview%2F%3Fp%3DeyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0%3D%26utm_source%3Dsent_conf%26utm_medium%3Demail%26utm_campaign%3Dmail_destinataire&ea=0&flash=0&pra=7&wgl=1&dt=1611170156646&bpp=3&bdt=502&idt=151&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6598955535891&frm=20&pv=1&ga_vid=505491319.1611170157&ga_sid=1611170157&ga_hid=1284523894&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=522293187129093&pem=292&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Jan 2021 19:15:56 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Jan-2021 19:30:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 20 Jan 2021 19:15:56 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210113&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b880cab03c321a994593d012b9949114ef4a42adfad94fc024f62c64a7259fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Jan 2021 19:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6834
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Wed, 20 Jan 2021 19:15:57 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 639B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Wed, 20 Jan 2021 10:23:25 GMT
expires: Thu, 20 Jan 2022 10:23:25 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 31952
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
196 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210113&jk=522293187129093&bg=!REelRwTNAAWtJAQVrTsAKQB2-Dxa-LRNuZmpLCsYjc2l4XStSTzNtx2bl9sI9aKcrebXyuQP-BTRAgAAAI9SAAAAFWgBBwoAgkP4ydicLhjagMVm1yo3YvC6mzE74WHIbiTncQaiViOkkh5h50hlowCEQAm0OquNx15AYzqy0M6ptWe8xdysilZ4rwYdOgu2yamHyqKpdnfoU1h_kk-fC8lArcLx20kc6kzl7aCk9W662mO7_kkO8IVMC60h2S-r3JzAj_dxiectchCZAcoQ3xxBVLEopn-NWua41GNplUsZqhvEEdXXPtXAeigBGCllYZ7N7dywqP7bQuL6N-KzDG9QPsm79ob_2Akhbob1_raaEzO7imxcseceWs3xXgyFfTbBRSG_kTP9NdXp63ZhAbTbVCsA7UjkBLtNNH_ofHR8DfHUi2Qm0mwrlLDCl0PpP-qWXENQR2N4FvEfFYBVhUdPsAbZ3ZX4sVlbE8usyWJoIu6eCpyXyavOVnDrhsiS1LDKPccCY3Qy9uQNFLmi2txETyCFeZ9kF1tveWPlwXTT6TeyY9TZRQW-PJcjAQMNqW9JJMxZIV5e3myXFLTc_4YtRzwNM5Vk7cMotNxH3XcYBxlbclvg3gq6QnxdSnBusElzwhtZSEwbf7GBQ1WHcWE-qX9k0cnOrG3zX1ciInnvxgF15WZD08YJ4Uz-0cKXjspzbgC-ZBsdi6SR6f9PbBFprQODZfrVZqxDyroKWvYxS5w9Tnqp1E0JsrTOPc7M4UXnwHTxJdr9NpMxWf_FKGL8K3wFF2afAXJrphH8R2hFE9QuZI7AqVgYIFSSEk5WUzNCTyho8DwKldSw4Iuq9_mi7SvU5Sc7CPBND3Js8nx6Q5KCwSFXAw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kisseo.com/post/view/?p=eyJ0eGlkIjoiQVktMTYwODcyMzE3MjYwMDIiLCJyX2VtYWlsIjoiYnV5aW5nLmFzc2lzdGFudHNAaW5ncmFtbWljcm8uY29tIn0=&utm_source=sent_conf&utm_medium=email&utm_campaign=mail_destinataire
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jan 2021 19:15:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 00:54:26	Name: IDE Value: AHWqTUmZeH4pXglO4qkyOCvWjwd_ElW5v74Uf9QO-oSh1pqPnSX3Wg-dfccBLf3C
.doubleclick.net/	1970-01-19 15:32:53	Name: DSID Value: NO_DATA
.kisseo.com/	1970-01-20 00:54:26	Name: __gads Value: ID=69036acbc421b2db-226e65aaa8a600ee:T=1611170156:RT=1611170156:S=ALNI_MaaYTWuAqdiI6mcXVdr5whgtmFG9g
.kisseo.com/	1970-01-19 15:32:50	Name: _gat Value: 1
.kisseo.com/	1970-01-19 15:34:16	Name: _gid Value: GA1.2.1775772917.1611170157
.kisseo.com/	1970-01-20 09:04:02	Name: _ga Value: GA1.2.505491319.1611170157
www.kisseo.com/	1969-12-31 23:59:59	Name: __Secure-PHPSESSID Value: 2ka19r45i4skna93lvdvbdhio7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
tracking.kisseo.com
www.drostatic.com
www.google-analytics.com
www.googletagservices.com
www.kisseo.com
142.250.74.194
2001:4de0:ac19::1:b:1b
212.129.31.238
2606:4700:20::681a:8c0
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:809::2003
2a00:1450:4001:815::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:821::200a
91.134.188.169
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0591071d12e737dd830719a48b186369b4692b10e349097d9123c2bc8972dd32
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
0e31cf5e0adc6b5dc946a1bad9c1c8a9609cb1fc7d6bb749275c91fb56dc3c49
0f75ff03ffff98b0d1785d09767db79fb08d72cf16728ad88b314d7a6c857724
11d51bd6867f1701a17c8476f72335a6e6c47212493f6b881ce08c1baabbe835
12d5b636731f60b3994deb4b03608279bb9b5bb5f229fa42871bd0bc78aba970
1a585d7023c444dd342996bf2ce3f161e3f06dabfb765023c06633a76cbb3200
1cb9396b585be7bcc9528e912516d6339c26e72d597a2ceff9a1379c328ee5bb
233cb06c56ab1034035291cb905c5d10257c8038fdc5ceb8ecccd1ac80be514f
23c242475c96edd715dca68aa4143a5187315d5a382bc92e7ae8d9700e0a1251
28a786332654d3c8ec4e9307562b820aef300dc217e16d1a525798b150aa783d
2968626d820be93eb14d89f9a752527aa5e58ceb78ffff41993fbc1d3938052e
2c9afe805427988de3969f7096f281ab7f3fd6b94f204539b3162947446460f8
2e8a06dce2aeae3741fb30716727f4fd0ae664093a9f5042d4ea413d8f69d2c5
3b880cab03c321a994593d012b9949114ef4a42adfad94fc024f62c64a7259fc
3d1fd91d8a429d51fb8df45a0a16dbc19dfa4b89d40cab7ee81ba68edb6ad58d
3ecd986782e708bda446ae3b0a11f7396832150ed5d3caf962e79baf9de6583d
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
419a7a9a690d82e23c33f1d4a0fb1803279738bf078ab0935d106f687e234e12
44a5225f26eb3577de31215894ff2d4cd528e74ff8ef2b3899172d9d8137749b
48fb3b1f1cce16a2520159fa61bca651553b38f9015547ebe415a3eba752fddc
4f2722825cb20ae7e91f470a682457ca671909035ea2cde5af96874a51d6375f
5730497ba86f0954b370190b0ab9f56cb1e8e7f7a3f54af4502b77f3fa30c5da
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
607974e31ad67a1d71fd50dffaff14c2450d90cf88cb9ac8c145cbc4be15e61f
61bef528f51b67951802ce74eedb99dda7b476671a1cacef80c4a8fe0a5633ec
62d95221d7ec03d6d27d89c313cb51357a3df79f356348833b71e1b27a08591d
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6ab72f82ee0a886ee2c1fa4e770ceee748a5a1d0a42c182cb7e885c9c463fe5a
6cbf31d45f8852ae7dc0db6fa77b5a5cad57ca84962c3f5da58428214feea6ac
6ea272f02f9358ca3b5ddefe5b4017340346a95094cd6ec77c7ae8f1a5a3ab96
6ff0bd3fb994965e68e66032063720023a703ce2b96820aa07fd7a1ebed9db2f
7f46baeee254f6aafd8622ebea73eb99ab3f392e5d875f513a4d256c3a3ec914
88e5bde7c65e3ef0a56b7af3987f47189dcc8f338f7361c2ecd7119ccd6da5d5
8a6feba2119854adf8d83783f1922e3f16ae3d1058618e1733aba2697aef5389
8d9d665d07499f0fb55d32f98f916c90fc1154f4f7c94c9a458e85ac9032094e
95d004b3bd9e8a2396dc8ce6119e4b253f0de253afdbb76669d3536bd0859b64
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9e464c0736f162bab8a9e74794b1dcc0d45249aa753e82914003e3087cab15f6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a08717fb13fa67d3111599e8bc92f696e530f0bed6914dc8428cbeef3f57d2ba
a6b44938bc5bcb4c2a08ca8a762ec10566c66026f40704f13cb47e370b5c8e2c
acb428bb824a7f7d865446caa0fe1f6885aa0723e43848042f51db37f0926f1f
b416e69aee060df05f791dc434c7e6c79e5b733288d525e715a10f084811ef86
b8bc2e7bd89c2e7fa8da332f9cdb55335d7d8b67e18b644285210d9b15fdfea7
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c3d726d50ff769a7634cb55467852b75b41e274e5aeca5ef9109630e51f7537f
c685db1a28aa02aa1b43f51d4a85e823a140760be641d58559ee796a3739ff2b
c68f367e61c28ee258595cfdcf6d8a2e626530384350659c120b4da03902b427
cae5c2fb988c50614ef09b61f450207bc89106a8fe705c031325466b100f20b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea310d11226e7b924efeb3f899b0a61ba3778cab60c57c8021341ab7ec738f6d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ee37d66730475957fcf39e1c79a9b0fac1658004312e74fa5376ddf6d7b6a674
ef266111619a4c24db3b99f846bec8de3f4cd08cc1bac6a28312e5997a757d59
fd6708d18e77fbf7a55960250d081b1043d4288b07258e8212a583b94c4b03c7

www.kisseo.com Open in urlscan Pro 212.129.31.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

73 %IPv6

12 Domains

14 Subdomains

11 IPs

4 Countries

4844 kBTransfer

6458 kBSize

7 Cookies

7 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kisseo.com Open in urlscan Pro
212.129.31.238 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

73 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

4844 kB
Transfer

6458 kB
Size

7
Cookies

60 HTTP transactions
7 data transactions