ja.domainelespailles.net Open in urlscan Pro
2606:4700:3032::6815:976 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ja.domainelespailles.net/
Effective URL:
https://ja.domainelespailles.net/
Submission: On June 16 via manual (June 16th 2021, 2:41:50 am UTC) from JP

Summary HTTP 145 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 29 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3032::6815:976, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.domainelespailles.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 13th 2021. Valid for: a year.

This is the only time ja.domainelespailles.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:303... 2606:4700:3032::6815:976	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	145.239.131.60 145.239.131.60	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
13	2606:4700:303... 2606:4700:3035::ac43:bd3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
2	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
13	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6 20	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
145	27

6 2606:4700:3032::6815:976 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ja.domainelespailles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
domainelespailles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.131.60 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.64 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load02.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3035::ac43:bd3d (United States)

ASN13335 (CLOUDFLARENET, US)

domainelespailles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4aff55baca3305e54bff4730d039d419.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com 4aff55baca3305e54bff4730d039d419.safeframe.googlesyndication.com tpc.googlesyndication.com	267 KB
19	domainelespailles.net 1 redirects ja.domainelespailles.net domainelespailles.net	2 MB
18	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	195 KB
13	yandex.ru 4 redirects mc.yandex.ru	72 KB
10	ampproject.org cdn.ampproject.org	200 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	118 KB
8	google.com 1 redirects adservice.google.com www.google.com	2 KB
7	yandex.com 2 redirects mc.yandex.com	2 KB
5	googletagservices.com www.googletagservices.com	151 KB
5	zx-adnet.com cdn.zx-adnet.com	123 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	google.de adservice.google.de	975 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	460 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	479 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	539 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	googleadservices.com partner.googleadservices.com	497 B
1	onetrust.com geolocation.onetrust.com	446 B
1	wpushsdk.com js.wpushsdk.com	3 KB
1	nawpush.com na.nawpush.com	364 B
1	jquery.com code.jquery.com	29 KB
1	load02.biz load02.biz	20 KB
1	cstwpush.com cst.cstwpush.com	60 KB
1	ibb.co i.ibb.co	29 KB
0	netmng.com Failed google2waycm.netmng.com Failed
145	29

	Domain	Requested by
18	tpc.googlesyndication.com	ja.domainelespailles.net securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com
17	domainelespailles.net	ja.domainelespailles.net domainelespailles.net
13	mc.yandex.ru	4 redirects ja.domainelespailles.net
13	pagead2.googlesyndication.com	cst.cstwpush.com securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com ja.domainelespailles.net googleads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.domainelespailles.net
7	fonts.gstatic.com	fonts.googleapis.com
7	mc.yandex.com	2 redirects ja.domainelespailles.net mc.yandex.ru
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.google.com	1 redirects ja.domainelespailles.net tpc.googlesyndication.com googleads.g.doubleclick.net
5	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net
5	cdn.zx-adnet.com	ja.domainelespailles.net cdn.zx-adnet.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects ja.domainelespailles.net
2	cdn.jsdelivr.net	ja.domainelespailles.net
2	ja.domainelespailles.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	4aff55baca3305e54bff4730d039d419.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	js.wpushsdk.com	cst.cstwpush.com
1	na.nawpush.com	cst.cstwpush.com
1	code.jquery.com	ja.domainelespailles.net
1	load02.biz	ja.domainelespailles.net
1	cst.cstwpush.com	ja.domainelespailles.net
1	i.ibb.co	ja.domainelespailles.net
0	google2waycm.netmng.com Failed	googleads.g.doubleclick.net
145	36

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
tr.admachina.com
domainelespailles.net
ar.domainelespailles.net
bg.domainelespailles.net
cs.domainelespailles.net
de.domainelespailles.net
el.domainelespailles.net
es.domainelespailles.net
et.domainelespailles.net
fi.domainelespailles.net
fr.domainelespailles.net
hi.domainelespailles.net
hr.domainelespailles.net
hu.domainelespailles.net
id.domainelespailles.net
it.domainelespailles.net
iw.domainelespailles.net
ko.domainelespailles.net
lt.domainelespailles.net
lv.domainelespailles.net
ms.domainelespailles.net
nl.domainelespailles.net
no.domainelespailles.net
pl.domainelespailles.net
pt.domainelespailles.net
ro.domainelespailles.net
ru.domainelespailles.net
sk.domainelespailles.net
sl.domainelespailles.net
sr.domainelespailles.net
sv.domainelespailles.net
th.domainelespailles.net
tr.domainelespailles.net
uk.domainelespailles.net
vi.domainelespailles.net
cn.domainelespailles.net
tw.domainelespailles.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-13` - `2022-01-12`	a year	crt.sh
covid19-dashboard.ivod.at GTS CA 1D4	`2021-05-17` - `2021-08-15`	3 months	crt.sh
ibb.co R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
cstwpush.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
load01.biz R3	`2021-05-10` - `2021-08-08`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
na.nawpush.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
js.wpushsdk.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://ja.domainelespailles.net/
Frame ID: DB0A7CF611D4A10E736BADD96B5E2BB1
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html
Frame ID: 5D5A83C9F29C4F780EB83352ED5C8547
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 956FE6B8B1A516CC0A53EF695CFD781D
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: DEC265FE21EF5251090FD7161F9E8CAA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB3795811D3F092BC3EF01D20F61FC14
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 00A543683B147C77DF9A313633C8BFD2
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG4JskTMJhKqCXirpYguoik8960A1bbq3t7XXysMVu0Wa54ULPsOTLC9RrDXsjfxUa2Zqqq87H4idseztshjMmjfBJcG8wFfNqG0-nhpjtZN8mq4925yOZXQBqpwUVNzeHRlDTJg4GC1T3lh1WBNC84dAGNURxiGVru3EssL0wtkp41oToH8cZJ9sPAOCED6UlI3ZrWdsGqQ0t0K_OzBDpeZVnoVbTe1xLd7BnRAT8emmXdNdpT60-F6grO5L9FwYE_mEw5NDGSDgzn4j2nqXLiIHeYMeHZo5sZV1m-6-yRj8cMOQpzhVGancHtaio8Yk1Ifj7&sai=AMfl-YTPZ0hvRl2lHPnkG2eLaZf09NDvvXb6nULtVDIyp4bRuonQStWaYhn4mrbAm_uu2AzPtuNxs_L4MU8KpMmU1SRmkburzywWE0i0O16bumwEe-BoH7r58l8fVdHNoUPc&sig=Cg0ArKJSzFU9kHTpKoxkEAE&urlfix=1&adurl=
Frame ID: 826900E7C5CFBCA558CC5488E6A944EB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_smrcp&adk=3581086169&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=336&url=https%3A%2F%2Fja.domainelespailles.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623811294443&bpp=10&bdt=30&idt=85&shv=r20210610&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dde8c5a000f96a5f7-228b3d6562c80000%3AT%3D1623811293%3AS%3DALNI_MY6UIyBU1_satPKwbGko3qN6dccFg&correlator=553521272374&frm=23&ife=4&pv=2&ga_vid=1406990335.1623811295&ga_sid=1623811295&ga_hid=1728369943&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1021&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=2459752796&scr_x=0&scr_y=0&eid=44739547%2C31060957&oid=3&pvsid=3500830373632063&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kypulw4wf06w&btvi=1&fsb=1&dtd=97
Frame ID: 270B996FF673C40361B62A957321CE44
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4053D2DFA5CDCB48ADF7B51BB79A6CE7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js
Frame ID: D743B57EBEBC7C4121AEF3509C5DCD19
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: BAD387B89AEC16D7417BAD0B578693C8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E64EB57736FE388B918CCD94F7409D62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ja.domainelespailles.net/ HTTP 301
https://ja.domainelespailles.net/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

145
Requests

92 %
HTTPS

58 %
IPv6

29
Domains

36
Subdomains

27
IPs

6
Countries

2896 kB
Transfer

6406 kB
Size

6
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://tr.admachina.com/click?pid=202&offer_id=3235&sub1=p1

Search URL Search Domain Scan URL

URL: https://domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ar.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://bg.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://cs.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://de.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://el.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://es.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://et.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://fi.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://fr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://hi.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://hr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://hu.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://id.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://it.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://iw.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ko.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://lt.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://lv.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ms.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://nl.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://no.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://pl.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://pt.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ro.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ru.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sk.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sl.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sv.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://th.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://tr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://uk.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://vi.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://cn.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://tw.domainelespailles.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ja.domainelespailles.net/ HTTP 301
https://ja.domainelespailles.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.3070610456727936 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.3070610456727936

Request Chain 43

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9305.mZrKlTxUuwLGwIcnK1YTeU-g1w-Mh_LaiMyEafb7RG6e5H1soRJQaQf0KFnNzQx1.aqkD791gpOPxVSVUSAUzO92KS1g%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9305.ct7NGMkPDOe6e8PTdmfyVu6nxeSOp7TI5sIzAm91nQTprGOj4yTTbA_xNOyYaAyy7uyArFj828XadUXj6G4R3w%2C%2C.GGLzgp0lMTac1tzxXdKhV5cAKpY%2C

Request Chain 48

https://mc.yandex.com/watch/71313778?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1088208964513%3Ahid%3A383477836%3Az%3A120%3Ai%3A20210616044132%3Aet%3A1623811293%3Ac%3A1%3Arn%3A485552066%3Au%3A16238112931003645540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623811291972%3Ads%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C206%2C0%2C%2C%2C%2C327%3Adsn%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C207%2C0%2C%2C%2C%2C327%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623811293%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles HTTP 302
https://mc.yandex.com/watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1088208964513%3Ahid%3A383477836%3Az%3A120%3Ai%3A20210616044132%3Aet%3A1623811293%3Ac%3A1%3Arn%3A485552066%3Au%3A16238112931003645540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623811291972%3Ads%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C206%2C0%2C%2C%2C%2C327%3Adsn%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C207%2C0%2C%2C%2C%2C327%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623811293%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles

Request Chain 53

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.5967438779127232 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.5967438779127232

Request Chain 55

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.27763363833815924 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.27763363833815924

Request Chain 57

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.9648489828656106 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9648489828656106

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGpWxb-4qY3NoE3Pb9nr1lU&google_cver=1&google_push=AYg5qPIx_HkgwEhhzpadbFgLwyXBKb4I6ul2dhPyXabrYDDEVz6ccBpLOhW4MMunSptBU73sjPEu6mMfUBdZHxFzHdezQsOuFFYq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpWxb-4qY3NoE3Pb9nr1lU&google_push=AYg5qPIx_HkgwEhhzpadbFgLwyXBKb4I6ul2dhPyXabrYDDEVz6ccBpLOhW4MMunSptBU73sjPEu6mMfUBdZHxFzHdezQsOuFFYq

Request Chain 136

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA7CCbR2fPNsOePaqHq7Gcw&google_cver=1&google_push=AYg5qPKGvFVFoBk1dX_FjJRaVuT3C3xAfCSaJdc_RS2gVXGypot8iLhmXNGvez1y0mKOp3sm0QNAXZbwo3E-fD7O7KsmEpHW28dl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGvFVFoBk1dX_FjJRaVuT3C3xAfCSaJdc_RS2gVXGypot8iLhmXNGvez1y0mKOp3sm0QNAXZbwo3E-fD7O7KsmEpHW28dl&google_hm=6mB-sbN4Q1eKcOlnOHUtHQU

Request Chain 137

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzXu5rYd2GeHDGITHi-kMI&google_cver=1&google_push=AYg5qPJyR9RIqcyJR720GJHqjvZtEyT3PHUzH9A18bj9W5K_ZUyHV4Re2QBqoZvvQLb_tDr82j254Eb5-YWdbD2jFWPFZie2T8jo HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzXu5rYd2GeHDGITHi-kMI&google_cver=1&google_push=AYg5qPJyR9RIqcyJR720GJHqjvZtEyT3PHUzH9A18bj9W5K_ZUyHV4Re2QBqoZvvQLb_tDr82j254Eb5-YWdbD2jFWPFZie2T8jo&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O2chEj-5Q46qBnN52IwA0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJyR9RIqcyJR720GJHqjvZtEyT3PHUzH9A18bj9W5K_ZUyHV4Re2QBqoZvvQLb_tDr82j254Eb5-YWdbD2jFWPFZie2T8jo

Request Chain 138

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB6_5hrVNPyNTKCaWeSWAoo&google_cver=1&google_push=AYg5qPL2GC9jwWJUhHQQyzBQdj8WvSxc_nnEHH_uahcmYHKMt3Syx-oQfbyr76O76hRqxKgbTXiEaWAukFcLJKVo76-9aJ7WV7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BZVkJJMjgtMVgtSlFWMA==&google_push=AYg5qPL2GC9jwWJUhHQQyzBQdj8WvSxc_nnEHH_uahcmYHKMt3Syx-oQfbyr76O76hRqxKgbTXiEaWAukFcLJKVo76-9aJ7WV7Q

Request Chain 139

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMSsq6mQbXSd8BXY2W80RrQ&google_cver=1&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLiqDaYytcDNrG HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMSsq6mQbXSd8BXY2W80RrQ&google_cver=1&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLiqDaYytcDNrG&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLiqDaYytcDNrG&google_hm=b4ebf3d583d73b5a7c4dd217

145 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ja.domainelespailles.net/
Redirect Chain

http://ja.domainelespailles.net/
https://ja.domainelespailles.net/

65 KB
9 KB

76ms
58ms

Document
text/html

2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18bde5c1efa2dffc3afbd62a5b43876514a123f8ce24cb07665b9132a9b625cc

Request headers

:method: GET
:authority: ja.domainelespailles.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Thu, 17 Jun 2021 02:41:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0ab44b137600001f45aaba7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MfxguyWH2Z3siSS%2BwIIDMUbv0OZkJztjpICC4YHujcw95ydBikyj039Fybsm0Eaci1Su%2FfObjlmzFTwV4vWjhNg5eMFMdYdOd9p4h%2FjKEtydQ%2F9VAY6iks31qvt%2BBTwhOlOmjkwALdYd1CTJUhr7ng%2BL"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6600adff28951f45-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Wed, 16 Jun 2021 02:41:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 16 Jun 2021 03:41:31 GMT
Location: https://ja.domainelespailles.net/
cf-request-id: 0ab44b135400004ed318a3a000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kcGOKGPFSNxp60xd4XDy6a10ozmTETRiQvUPKRb0D3TDbMzyiVER%2BtEqvdx1vAtk7DN6kfNU2geuqMOb1%2Bm3bVDmJdZjr860mkRcqaANqhW8OYnJw4V94e5CCZVC8FEuzrD5TmW9QEq4F7uG%2B7fKyAH0"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6600adfeeb884ed3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 smrcp_19121001.js Show response
cdn.zx-adnet.com/adx/ 144 KB
19 KB 51ms
16ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623811292.126435,VS0,VE1
etag: "5b3dfee603f4fa43f768bcdb3f5f4a2cdce1c019b73ecbe79f7cb0d0ca77d787-br"
x-served-by: cache-ams21050-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 16 Jun 2021 02:41:32 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19503
x-cache-hits: 1

GET
H2 200 payoneer300px.png
i.ibb.co/RBmChvT/ 28 KB
29 KB 68ms
22ms Image
image/png 145.239.131.60
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/RBmChvT/payoneer300px.png
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.131.60 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 339106ca1ee04659f2073f307a2f5ff696c0e659d2651e6067021021d1f0e456

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 09 Jun 2021 18:01:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28949
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
domainelespailles.net/template/domainelespailles/css/ 641 KB
80 KB 41ms
32ms Stylesheet
text/css 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/css/style.css
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903b7d70660ecd4b49d3878998c2118064c37cf88be82af6eb023744ed379033

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 876921
cf-polished: origSize=677484
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab44b13be00001f459e900000000001
last-modified: Tue, 19 Jan 2021 07:42:06 GMT
server: cloudflare
etag: W/"a566c-5b93bf9b04533-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qeagzFl%2BIVWgP2%2F0UvUbyHFWGgVIFWb4AV0oyLyhfrbskUoxFrGoUH1CBVcuapdKM3EgC0hArB7M2j1zW6lAPGYVzXZDYf1zGlYI5bfrLBq3x3j%2FR1PzKnt%2B%2BiP%2Bn7fLVtmtEc2LtQwy%2BtzCTcVF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6600adff99741f45-FRA
expires: Sat, 19 Jun 2021 23:06:11 GMT

GET
H2 200 scripts.js Show response
domainelespailles.net/template/domainelespailles/js/ 431 KB
99 KB 51ms
43ms Script
application/javascript 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/js/scripts.js
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 463372edb7ab8600022a1bf6f37a69a13006b84c8767c3067c3ce8668a28eefd

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 876921
cf-polished: origSize=442827
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab44b13c200001f4564240000000001
last-modified: Tue, 19 Jan 2021 07:43:08 GMT
server: cloudflare
etag: W/"6c1cb-5b93bfd5a9063-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WmiieO0CL8koVrs3015DDBluBTZhmBec2umpZhLrifxqcFW1i8DNFfth2KsBybKYhVHAZuSg%2BsaTcO90pFMe2I2goQbK2HPOn6ud2dAFw37QYdasU5UAq6TtD0COxu%2FqyQG%2Fyk0MT6DKpgFZN6ed"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6600adff997a1f45-FRA
expires: Sat, 19 Jun 2021 23:06:11 GMT

GET
H2 200 adv.css
domainelespailles.net/template/domainelespailles/css/ 61 KB
42 KB 27ms
18ms Stylesheet
text/css 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/css/adv.css
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1035631
cf-polished: origSize=62935
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab44b13c100001f45bf16a000000001
last-modified: Fri, 12 Mar 2021 19:57:00 GMT
server: cloudflare
etag: W/"f5d7-5bd5c4da06f50-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HGiZv6Vn4vffAqv68R%2BlK8frKhLkDcnAAYLymu356uZpUwzdqz5FH158sj4jUg5pcZ1wcoxhv4CLd%2F9WD0u9zkcYQon4%2B8kYEc1jAHQKjbNPlldjmGL98iRiIQVwMDNmIWCG7U0kco%2BsoQiOO8Na"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6600adff99781f45-FRA
expires: Fri, 18 Jun 2021 03:01:01 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
1 KB 21ms
20ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8340
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab44b13bc00004a98ba9d0000000001
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6600adff8e334a98-FRA

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 16ms
14ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28309
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab44b13b700004a983c907000000001
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6600adff8e364a98-FRA

GET
H/1.1 200
OK adManager.js Show response
cst.cstwpush.com/static/ 59 KB
60 KB 75ms
19ms Script
text/plain 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 02:41:32 GMT
Connection: Keep-Alive
Last-Modified: Tue, 25 May 2021 14:27:38 GMT
x-amz-meta-s3cmd-attrs: atime:1621952841/ctime:1621952841/gid:0/gname:root/md5:f7f10698b0e6bb748101b0917e29d311/mode:33188/mtime:1621952770/uid:0/uname:root
x-amz-request-id: tx000000000000062515748-0060c963a2-fb33aff-fra1a
etag: "f7f10698b0e6bb748101b0917e29d311"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1623811292.dop240.am5.t,1623811292.cds293.am5.shn,1623811292.dop240.am5.t,1623811292.cds017.am5.c
Content-Type: text/plain
Cache-Control: max-age=3286
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60434

GET
H2 200 / Show response
load02.biz/ 20 KB
20 KB 64ms
20ms Script
application/javascript 143.198.248.64
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.64 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1f32cf171dd7f82fb2182b245d3aa3fbefe7323e958a8e55fbb9f3e33eb357b4

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Jun 2021 02:41:32 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 25ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2016 19:11:56 GMT
server: nginx
etag: W/"56cb5d7c-14e7e"
vary: Accept-Encoding
x-hw: 1623811292.dop205.fr8.t,1623811292.cds283.fr8.hn,1623811292.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H2 200 jquery.unveil2.min.js Show response
domainelespailles.net/template/domainelespailles/js/ 3 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/js/jquery.unveil2.min.js
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1024980
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab44b13c700001f45a7827000000001
last-modified: Tue, 19 Jan 2021 07:43:07 GMT
server: cloudflare
etag: W/"b2e-5b93bfd4a34e2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4vpEAwNQbZ0KKrWk2vRjGZ%2F7R3R5UXatWDMLfG1CzilkxB5wC6KgNJVXKxoI2n22GVuNTbEV4UESGXMAhtT0fZPqDpmcF%2BEjhT33PNYLV4OnyX9yGzIMpAMkaOfj%2BinFTbiGGnqRJwcQMtWlGb9m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6600adffa98c1f45-FRA
expires: Fri, 18 Jun 2021 05:58:32 GMT

GET
H3-29 200 how-would-i-delete-the-first-27-characters-from-every-line-notepad.jpg
domainelespailles.net/include/how/ 84 KB
85 KB 48ms
33ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/how/how-would-i-delete-the-first-27-characters-from-every-line-notepad.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f380c229eceaa62338664d9893e6360df7332616d4b8a71d9ddfe2a0e3023b1

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 86040
cf-request-id: 0ab44b13f800001f397bb90000000001
last-modified: Tue, 19 Jan 2021 07:43:40 GMT
server: cloudflare
etag: "15018-5b93bff4b544b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Fqwt%2FPArwwecP8FLpecHKn1WSc9OMDDK8yC637yy4dJBVIGlbYFG0Fivq7KDVhrzVsY9uMNJx%2BZfM2KXxxUcwD48c2bD1qcGVNuI0AzsIO5x7bJ2WLUGlLL2SDqwp5ujD3tkgb0YeJWAfEdNisoF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffff01f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 keyboard-shortcut-for-moving-a-window-to-another-screen.png
domainelespailles.net/include/keyboard/ 168 KB
169 KB 59ms
45ms Image
image/png 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/keyboard/keyboard-shortcut-for-moving-a-window-to-another-screen.png
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 393ed5dd9e9960a04910ef73024a123165a0953d98fd7f225db7adfbc569e144

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 172379
cf-request-id: 0ab44b13f800001f39989d9000000001
last-modified: Tue, 19 Jan 2021 07:43:44 GMT
server: cloudflare
etag: "2a15b-5b93bff7cc48c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hcOC7IfOfWRZeyGbuWFBeSQ85VFtkw7Igy1WcpvSlhpV4FjehvcRuHTqy76%2FE9Vbv0fxlB5%2Fnk4GuVf4BTGTSUdmWbQlQ7v%2F1wKQfqYfJ5O5elnQV7JTzJE8Zl6zoAnQnNKE2CoV5cp6n7%2FSmKsj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffff31f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 what-is-the-windows-equivalent-of-the-unix-command-cat.gif
domainelespailles.net/include/what/ 167 KB
167 KB 53ms
38ms Image
image/gif 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/what/what-is-the-windows-equivalent-of-the-unix-command-cat.gif
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a3efb9f1e04a39d3b84536da7115faca1fcbb16aa8c9309df6fab4ce0f8bf5

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 170693
cf-request-id: 0ab44b13f900001f396b0f2000000001
last-modified: Tue, 19 Jan 2021 07:44:18 GMT
server: cloudflare
etag: "29ac5-5b93c018f6854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C%2BtcDyLvghDLB3OTEh9cIb87mDHTFKM%2FuM3pUzm9hFSzW7wBT8OHu7Ze4Dc1h8%2BdfO0V0jQktbqjzb%2Bn%2B8HODTLc%2BS1j8ICRziXI9FdU01%2Fn2p8UGUi2JgOdEJgW193%2FjtYF8sLKM0NFrx30r3xU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffff61f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 how-to-paste-text-into-input-fields-that-block-it.jpg
domainelespailles.net/include/google/ 136 KB
136 KB 100ms
86ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/google/how-to-paste-text-into-input-fields-that-block-it.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b22d07aac3832950f48e6edbfa6b6407665dae0d38bc97a5e3391841f49b42f

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 138971
cf-request-id: 0ab44b13f900001f3937ac2000000001
last-modified: Tue, 19 Jan 2021 07:43:30 GMT
server: cloudflare
etag: "21edb-5b93bfeafcfc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FNvc0smIAWTGvoDxGLKdANYccZtbW2VdMuFJpVJBjpoUj6IgRoOuT76p68A6vPVzPgLuHblpTXXchPtlGHnymwrlTU5oPuDVd%2BVFSquuky3ZmclcjHh0JsuCNtfk9CAE1aRM8Ji2ODhcTH2y9uIZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffff81f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 laptops-internal-keyboard-as-an-external-one-4.png
domainelespailles.net/include/usb/ 128 KB
0 63ms
49ms Image
image/png 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/usb/laptops-internal-keyboard-as-an-external-one-4.png
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 578111
cf-request-id: 0ab44b13f900001f39b816c000000001
last-modified: Tue, 19 Jan 2021 07:44:15 GMT
server: cloudflare
etag: "8d23f-5b93c01584af3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zncKw7V0HAMNukAEu3FmAwLqUHKrpZ8INC9DxV3wy%2BnpRIPWhryjAZOymZ7ffC%2FJjX4GYwaCfR50cVcv%2BT6ZYQy5SEeOegKhWQa4Y6QODsyQT8Na8M3zADSAT7sWsM5wIbFY5tNPAP1vB6%2BM7s0Y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffff51f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 windows-unable-to-delete-_-file.jpg
domainelespailles.net/include/command/ 109 KB
109 KB 105ms
91ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/command/windows-unable-to-delete-_-file.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3edbc5e6a799b1515eae57a1068a2b6b0ebbe2c0327be24b9064582a0294911c

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 111422
cf-request-id: 0ab44b13fa00001f39731b7000000001
last-modified: Tue, 19 Jan 2021 07:43:23 GMT
server: cloudflare
etag: "1b33e-5b93bfe4780a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SiaSVwCnDyNdCVQpzvJRHRjMLQ6b0etyjFoC00ZNam6T3N3JTPLdW9%2FiS%2FRwSE38U2I2oNnfk%2B3p3uLwdRpNad5q3Hm1vQD1KNmyF01jI5HZ7%2Ba09bullncq827WfeKBksXE0cZBkEAVmiCvmUSh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffffc1f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 producing-a-specific-ascii-character-in-ubuntu.gif
domainelespailles.net/include/linux/ 59 KB
59 KB 103ms
89ms Image
image/gif 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/linux/producing-a-specific-ascii-character-in-ubuntu.gif
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c021564cad6922c1bf9b978d9083d59e16c3b62d665bba4fd7e0b912dbc5df

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 60186
cf-request-id: 0ab44b13fa00001f39c88fd000000001
last-modified: Tue, 19 Jan 2021 07:43:47 GMT
server: cloudflare
etag: "eb1a-5b93bffb51a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3ESPWYqhLEkjO1RG6tK%2Fx%2BEJVoB3sXJ%2F3uNqBqKkNY%2Bv0MauD4HZw4OvpHaYUXz3P2oJb2dJ7ctjTA2lwSJVOQ%2BwmDoPKUNO9lirHUSbbaJ5bjKmMxQzPLEk5FT7%2F4hm3Cohpl0kDeWyJtcwI1p2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffffb1f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 hibernate-is-disabled-hiberfil-sys-gets-recreated-at-each-boot.jpg
domainelespailles.net/include/windows/ 29 KB
30 KB 100ms
88ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/windows/hibernate-is-disabled-hiberfil-sys-gets-recreated-at-each-boot.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1e04ef0c73da184e7b9c2a7c2e2f34979823915f3f523a280f5fee3e5292f65

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29819
cf-request-id: 0ab44b13f900001f3987b3d000000001
last-modified: Tue, 19 Jan 2021 07:44:22 GMT
server: cloudflare
etag: "747b-5b93c01c29db5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hk8Mqm0Ohys0dDFpzu%2B11D7eFe9t7veTKUaMyLP2sRgmJFT8ueG2sydp%2F%2FtgKBmzUdd1iB4k%2BFhOJJMia8cuPIaPQ2icJdOkFiY9EI18MEbCt2lu7%2F0NoWoO1P3ZiImYgyHJiPBu%2FXLDlt%2FthG7N"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffffa1f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 how-can-i-give-arguments-to-time-command-ubuntu.jpg
domainelespailles.net/include/bash/ 73 KB
74 KB 81ms
70ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/bash/how-can-i-give-arguments-to-time-command-ubuntu.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6091f34de2e364702c49646afb69f67a2f31a5aa986c0e6e09429c120ee35b8b

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75048
cf-request-id: 0ab44b13f900001f39c392d000000001
last-modified: Tue, 19 Jan 2021 07:43:19 GMT
server: cloudflare
etag: "12528-5b93bfe0278c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o4TR%2Frh3R%2BWw6A5%2BxGWBroul0f2pIOQzXLwJrAPApXlzIHPXxYdjZAmYOSZnadPHOPghbk7TscA%2FnNHuzImNnJd5Uus1sIXRO%2Bx3JUMyqftXYFddxu8wE0hRh1ogW5%2B2BkS%2BcNSBw24o%2FHnnUQPc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600adfffff41f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.3070610456727936
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.3070610456727936

43 B
528 B

57ms
57ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.3070610456727936

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:41:32 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:41:32 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.3070610456727936
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 15 Jun 2020 21:00:00 GMT

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET Stein-Icons.ttf
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqwqcsdrM.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET qkBWXvYC6trAT7zuC8m5xL1lmgzD.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-pgGIyY0.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET dedicated-mouse-and-keyboard-on-virtualbox-vm.jpg
domainelespailles.net/include/usb/ 0
0

GET
H3-29 200 which-archiving-method-is-better-for-compressing-text-files-on-linux.jpg
domainelespailles.net/include/zip/ 61 KB
62 KB 379ms
377ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/zip/which-archiving-method-is-better-for-compressing-text-files-on-linux.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fab2d6072b8fe9a1b71085c176323c6dafa4c77b3332bf790b7279cd1679480

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 62839
cf-request-id: 0ab44b145c00001f39a402b000000001
last-modified: Tue, 19 Jan 2021 07:44:31 GMT
server: cloudflare
etag: "f577-5b93c024d5957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SM%2BBri9XHr7jmZCP4lmvpbgXNlWFfoMmRZWXJgZ6HOrdtPkU95RasyFkR6546VN8TTT0NDdFstFNnOcOW%2BPrVZnQUDLsfnVEbgacJLu4WWw0EcA7UG%2FrCB7R1KAKljNp68hTU650c4%2BxzCWbeZ8y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600ae0098991f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 explorer-does-not-auto-refresh-1.jpg
domainelespailles.net/include/windows/ 121 KB
121 KB 1211ms
1208ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/windows/explorer-does-not-auto-refresh-1.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f1ca4f821bd41f887369d2fec6759d6ab5d59e71568bd62a4cba8c429cceb1f

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:33 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 123599
cf-request-id: 0ab44b145d00001f39a8bcf000000001
last-modified: Tue, 19 Jan 2021 07:44:21 GMT
server: cloudflare
etag: "1e2cf-5b93c01bc7395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H2%2BVId69BDtVVMpalPKa468SDfMt7fz%2F2bncefurfkJIEmwwPYmn3c2jNzIx92x87pkLQavrvZEaapUMQx6zCkc5HaYx%2FAUkFrY3YkYnn1DLlj1IocfUi3UU6NYTD4Pxbl%2BZKHm5Fb3BsiEPBeo8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600ae00989d1f39-FRA
expires: Thu, 16 Jun 2022 02:41:33 GMT

GET
H3-29 200 what-is-fog-computing-closed.jpg
domainelespailles.net/include/cloud/ 294 KB
294 KB 415ms
412ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/cloud/what-is-fog-computing-closed.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661da0d34f3cb56cb1c2c1d06fd36cff87404a6584a95dfa8a1ae241da897efe

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 300553
cf-request-id: 0ab44b145d00001f39989dd000000001
last-modified: Tue, 19 Jan 2021 07:43:23 GMT
server: cloudflare
etag: "49609-5b93bfe3b4ba6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wKeZiqtU6uUYYGYSL2eo8AQVvFqZpdFABYZA%2FyROPciEOwWDRTNdK1iwtgkgf2HrQohXhcBvRmAMV4gMVDGrjxFKcJGoR0Pk1kjGWuNb3nLc6riOTn%2BwHVPB6Ed1SITmoZAEN3ThWDGN5WWu7fA5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600ae00989f1f39-FRA
expires: Thu, 16 Jun 2022 02:41:32 GMT

GET
H3-29 200 best-way-to-create-an-array-of-objects-in-illustrator.jpg
domainelespailles.net/include/best/ 78 KB
79 KB 839ms
836ms Image
image/jpeg 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/best/best-way-to-create-an-array-of-objects-in-illustrator.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ffa1d7124a1092b3226eda5e1186cbaa923d1f85c231582ea117cc1f99dc05

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:33 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 79742
cf-request-id: 0ab44b145d00001f39ab35a000000001
last-modified: Tue, 19 Jan 2021 07:43:19 GMT
server: cloudflare
etag: "1377e-5b93bfe08e166"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1zJkGEk76DsgAMNGKxacr%2B%2BMRL5JDjhkwXbfsbp8RSfM10emEFO0JpvRu%2B6uw8BkhcQUoqpNPghEFmEHpBCnygHR8IoC9UNYCq0%2BDOoJ3ZQEvB6mokm99CbMPQsNUTmEztH4NYNNC3HRR8m2P1lM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600ae0098a01f39-FRA
expires: Thu, 16 Jun 2022 02:41:33 GMT

GET why-does-connecting-to-my-work-vpn-cause-my-internet-to-not-work.jpg
domainelespailles.net/include/windows/ 0
0

GET how-does-virtualboxs-memory-usage-work.jpg
domainelespailles.net/include/virtual/ 0
0

GET what-does-the-execute-permission-do.jpg
domainelespailles.net/include/linux/ 0
0

GET windows-disk-i-o-100-at-boot-for-20-minutes.jpg
domainelespailles.net/include/hard/ 0
0

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
233 B 16ms
16ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623811292.262046,VS0,VE0
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-ams21050-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 16 Jun 2021 02:41:32 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 4

GET Stein-Icons.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET
H2 200 1930 Show response
na.nawpush.com/tags/ 242 B
364 B 49ms
16ms XHR
text/plain 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1930
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a810e1302216d25b1aacd80a9aa1437d270806fcea9ee061554682f24afe2a31

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Jun 2021 02:41:32 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92df889ddd5703f4fda390c62b9fef4fe94a142632ca8f2ab5ae0409136661ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48824
x-xss-protection: 0
server: cafe
etag: 3458964890517975314
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 02:41:32 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 218 KB
69 KB 45ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 09:54:37 GMT
etag: "60bf3bc8-114ef"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70895
expires: Wed, 16 Jun 2021 03:41:32 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
368 B 296ms
295ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.domainelespailles.net/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-ams21050-AMS
server: Google Frontend
x-timer: S1623811292.352887,VS0,VE278
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: dad63009f9c0b8a3fb47ba0548a5d6c3
cache-control: max-age=3600,public
function-execution-id: zp695y2ktzh6
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: NL
x-cache-hits: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/ Frame 5D5A 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210610/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 15 Jun 2021 10:43:54 GMT
expires: Tue, 29 Jun 2021 10:43:54 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 57458
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9305.mZrKlTxUuwLGwIcnK1YTeU-g1w-Mh_LaiMyEafb7RG6e5H1soRJQaQf0KFnNzQx1.aqkD791gpOPxVSVUSAUzO92KS1g%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9305.ct7NGMkPDOe6e8PTdmfyVu6nxeSOp7TI5sIzAm91nQTprGOj4yTTbA_xNOyYaAyy7uyArFj828XadUXj6G4R3w%2C%2C.GGLzgp0lMTac1tzxXdKhV5cAKpY%2C

75 B
75 B

52ms
52ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9305.ct7NGMkPDOe6e8PTdmfyVu6nxeSOp7TI5sIzAm91nQTprGOj4yTTbA_xNOyYaAyy7uyArFj828XadUXj6G4R3w%2C%2C.GGLzgp0lMTac1tzxXdKhV5cAKpY%2C

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9305.ct7NGMkPDOe6e8PTdmfyVu6nxeSOp7TI5sIzAm91nQTprGOj4yTTbA_xNOyYaAyy7uyArFj828XadUXj6G4R3w%2C%2C.GGLzgp0lMTac1tzxXdKhV5cAKpY%2C
date: Wed, 16 Jun 2021 02:41:32 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 67ms
25ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 16 Jun 2021 03:41:32 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
72 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Tue, 08 Jun 2021 09:54:37 GMT
etag: "60bf3bc8-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 16 Jun 2021 03:41:32 GMT

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 207 B
446 B 34ms
18ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61b2e0246c6024848301ece84ee30d4de60739c519c53557d884af2a46530aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6600ae031d599716-FRA
cf-request-id: 0ab44b15f300009716c48a6000000001

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 17ms
16ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623811293.691234,VS0,VE0
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-ams21050-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 16 Jun 2021 02:41:32 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 5

GET
H2

200

1 Show response
mc.yandex.com/watch/71313778/
Redirect Chain

https://mc.yandex.com/watch/71313778?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv...
https://mc.yandex.com/watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=...

184 B
297 B

46ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1088208964513%3Ahid%3A383477836%3Az%3A120%3Ai%3A20210616044132%3Aet%3A1623811293%3Ac%3A1%3Arn%3A485552066%3Au%3A16238112931003645540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623811291972%3Ads%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C206%2C0%2C%2C%2C%2C327%3Adsn%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C207%2C0%2C%2C%2C%2C327%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623811293%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

af570e147e0822a7f3c73b38c1263537d033b891f04ed734f3b613a13e1ec3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
location: /watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1088208964513%3Ahid%3A383477836%3Az%3A120%3Ai%3A20210616044132%3Aet%3A1623811293%3Ac%3A1%3Arn%3A485552066%3Au%3A16238112931003645540%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623811291972%3Ads%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C206%2C0%2C%2C%2C%2C327%3Adsn%3A0%2C18%2C58%2C1%2C31%2C0%2C%2C207%2C0%2C%2C%2C%2C327%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623811293%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 16ms
16ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623811293.802014,VS0,VE0
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-ams21050-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 16 Jun 2021 02:41:32 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 5

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 82ms
29ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

5469240181fbf3777af8354063ec16afdebe2825c2e8d8851fa239ebb7d1f7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "904 / 307 of 1000 / last-modified: 1623797487"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21592
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:32 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

756fd3fb00c7cd15fcf546b6c5eee2c6a2784814a423e16f7d2130155d28a893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "904 / 521 of 1000 / last-modified: 1623797487"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21592
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:32 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 53ms
52ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.24078551620642297

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.5967438779127232
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.5967438779127232

0
0

48ms
48ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.5967438779127232
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.5967438779127232
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
83 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.5795153132580411

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.27763363833815924
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.27763363833815924

0
0

52ms
51ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.27763363833815924
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.27763363833815924
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 60ms
59ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.5205704371556092

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.9648489828656106
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9648489828656106

0
0

45ms
44ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9648489828656106
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:32 GMT
last-modified: Wed, 16-Jun-2021 02:41:32 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9648489828656106
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:32 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 79ms
78ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.9755356577971099

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:33 GMT
last-modified: Wed, 16-Jun-2021 02:41:33 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:33 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 51ms
51ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.19346299748349538
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
114 KB 59ms
29ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.domainelespailles.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.domainelespailles.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 431ms
430ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=597289036977317&correlator=2702590742411616&output=ldjh&impl=fif&eid=31060783%2C31061224%2C31061279%2C31061437%2C21066612&vrg=2021060901&ptt=17&gdpr_consent=CPH3fChPH3fChAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210616&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4_overlay&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1600x90&cust_params=site_domen%3Dja.domainelespailles.net%26site_topdomen%3Ddomainelespailles.net%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Domainelespailles%2520Domainelespailles%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.domainelespailles.net%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1623811293&dt=1623811293186&dlt=1623811292081&idt=1078&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1345&adks=4269143605&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.domainelespailles.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=900621780.1623811293&ga_sid=1623811293&ga_hid=218588346&ga_fc=false&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

87ea37d635a72fa8f81d9adcdd4157bf3a3e00b187a320ffab450a474dffe882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.domainelespailles.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4aff55baca3305e54bff4730d039d419.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4aff55baca3305e54bff4730d039d419.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
13 KB 948ms
947ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=597289036977317&correlator=2702590742411616&output=ldjh&impl=fif&eid=31060783%2C31061224%2C31061279%2C31061437%2C21066612&vrg=2021060901&ptt=17&gdpr_consent=CPH3fChPH3fChAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210616&iu_parts=41117126%2CZXNT%2Czxntmng%2Czxntmng_optr%2Czxntmng_optr_smrcp&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=336x280&cust_params=site_domen%3Dja.domainelespailles.net%26site_topdomen%3Ddomainelespailles.net%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Domainelespailles%2520Domainelespailles%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.domainelespailles.net%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1623811293&dt=1623811293190&dlt=1623811292081&idt=1078&frm=20&biw=1600&bih=1200&oid=3&adxs=1021&adys=1088&adks=1025951913&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.domainelespailles.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=357x-1&msz=357x-1&ga_vid=900621780.1623811293&ga_sid=1623811293&ga_hid=218588346&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4284ff08a90535b8e2fd39a410860b87da18b8b2a066f5fec8130d40596a41ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13220
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.domainelespailles.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 1214ms
1213ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=597289036977317&correlator=2702590742411616&output=ldjh&impl=fif&eid=31060783%2C31061224%2C31061279%2C31061437%2C21066612&vrg=2021060901&ptt=17&gdpr_consent=CPH3fChPH3fChAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210616&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=336x280&cust_params=site_domen%3Dja.domainelespailles.net%26site_topdomen%3Ddomainelespailles.net%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Domainelespailles%2520Domainelespailles%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.domainelespailles.net%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1623811293&dt=1623811293191&dlt=1623811292081&idt=1078&frm=20&biw=1600&bih=1200&oid=3&adxs=1021&adys=1818&adks=3615671628&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.domainelespailles.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=357x-1&msz=357x-1&ga_vid=900621780.1623811293&ga_sid=1623811293&ga_hid=218588346&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6c366862e4b2eea151a827231deda05a425701b7a74e767a90918e04d2b3be18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4690
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308219877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 956F 191 KB
55 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 956F 12 KB
5 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 956F 87 KB
27 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 956F 4 KB
2 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 956F 41 KB
13 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 956F 3 KB
674 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 01:30:35 GMT
server: ESF
date: Wed, 16 Jun 2021 02:41:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Jun 2021 02:41:33 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8504317585090548614/ Frame 956F 1 KB
2 KB 30ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8504317585090548614/downsize_200k_v1?w=100&h=100

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e5c6a535777a1449d3bb1af4ad5c16f91a4bd32c72f0264f43053f833bb9f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:39:03 GMT
x-content-type-options: nosniff
age: 320550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1478
x-xss-protection: 0
last-modified: Thu, 27 May 2021 09:12:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:39:03 GMT

GET
DATA 200
OK truncated
/ Frame 956F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28cf7859b74a8156ae7ba826ee6dba9b4cae1d9c07f4b36c8588a54c6610ed16

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 956F 3 KB
3 KB 28ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 10:14:54 GMT
x-content-type-options: nosniff
server: cafe
age: 59199
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:14:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 956F 344 B
828 B 27ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 73422
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 16 Jun 2021 06:17:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 956F 0
0 16ms
16ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHMzWYUsQu5vYXnacBqZGicsTrAvXGQboXJIRR3koj_J20nXfSdaFf1xfyi8Q4wiuBjSDO2Vk6lfaqzUL09VsqavLUoQ
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 956F 0
0 35ms
34ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoVkF3WTJYJuqDsm9x_APuoeC6AK1z4T-Ytu0iL7xDbery4zDJRABIIbhhSpgkYSAgIwYoAGfmI3TAsgBAakCNGmr24tYtD7gAgCoAwGqBOQBT9AKR64wQEVgXPPgT4DJAenG6lPKKM6gLzSK7g95dd5oxorsTSxDBAT2buibMFKwWSVXcX3gB0gZBVqO9cLlagrClz8FMVl2QfglKXI-nHU34cM2mZCVmTXQtdnhyo0Sf4bXSvrqxSWF8VijvKU1h4Vq8Ph2AanSlFQrj373qA3BcRhiUVjYjFx4bQOrrdTwvmiXydPIziI3psAHqSWZDTveqFIfsWTIzkJ3RShg2RcFSGM0S1xhzSyUgLmf0wpwv070vdudRamY4lN-k03eYnucs7Z2SFteqki7XHmSQhf488DJwAT79bG3zAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHyefyrAGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQuPoN0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTY1NTA0MTMzNjM2MDI1ODg&sigh=DuClRhkVECY&template_id=5001
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a51d819b8eb2a916a2e54ffcb7a4bc1c9233a60ef073c656bd0a802ed8b7207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7917
x-xss-protection: 0

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 956F 21 KB
21 KB 9ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:38:27 GMT
x-content-type-options: nosniff
age: 334986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:38:27 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 956F 21 KB
21 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 320347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:42:26 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:33 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 956F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

25ms
22ms

Image
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 16 Jun 2021 02:41:33 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 956F 3 KB
3 KB 9ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 10:14:54 GMT
x-content-type-options: nosniff
server: cafe
age: 59199
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:14:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 956F 344 B
368 B 9ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 73422
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 16 Jun 2021 06:17:51 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame DEC2 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 15 Jun 2021 19:34:23 GMT
expires: Wed, 15 Jun 2022 19:34:23 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EB37 783 B
531 B 16ms
15ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70121c07a1ad20e02f8d18794c4127f539ca66afbf21c486ad59a2b470a3cb50

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aiQW4+/CIlNQNNrEvwEUhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

expires: Wed, 16 Jun 2021 02:41:33 GMT
date: Wed, 16 Jun 2021 02:41:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-aiQW4+/CIlNQNNrEvwEUhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js Show response
pagead2.googlesyndication.com/bg/ Frame DEC2 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 314568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 11:18:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=597289036977317&bg=!zM-lz4vNAAY2kFOVNpA7ACkAdvg8WnMDmnTwDsbV-fD2IEXXX5legRQwupKApiZlu41p7xNJgi64RwIAAABtUgAAABBoAQcKAM0q96g8h3_G3PY71tRmfQaOhFv9KGjOYxgit58GHzogiUK4nB7-sjIbcmoCiCBchLSJrdWhd5g9oMztbJ1K1cR55W3CwpxNNtykJM55AjCynAG4hWHUCVfY8BR5LT48VqLU9zji8vK5R86NOz_31aMmuNByTxR8WyVyQMm46iQ5et1H7ZobOW40DFd2fYu0p_Ri0SjGZpJBQPmiE9isAHOkbZTbephXULizYe9lNin1C6GiHl5CgWX2MpkIhIs6O7hnfgH5GHPN_p2Bm0A2mQJ4HaKTgXHdRL3-C7YcfdXFhFOcTaMNlGxxpmZgaIssdRSnqlYakPa6yQjFm8OcL8yRWT-cs3a3rfyML6O3d83-EKVqkTgy_nWLshsDE9Rq39U61mMr9ssn2R8N0-tKqaj5tUZ0NzjmU4SmFYasrLBijgOkplnEmpfJpqM0AxKURGgX3nJVlqTf_HraUqq5aDhIH8D58AKpJwCGdtJjtk6jpS3U-yiTu-L3PiJFLjYU9aE-VwLq59OIMdZvLQiPws3bS1Xr6to3g0zNo3B2gnb3zty4SoSRYl6fOZlnmygGgornlCBFWhzEv6J9Mz93BsLMcogTwTkzC95ghdkv7OcmJPRr-kJaolBNueAH9gykvZt4iNJKOc_Unwzr3LgUxxHl1aHcln9ux0YYHdB4PPbO2vT4ikRcqcGG_nN5qIv-fh5us62QJY8p8sHV3KGKkWjcZhUthkmeQYKVw3XXVWTZKcNqzQJbxNM852RSMrlxgdKZF-PscYAO0guTJ_bhMpFW8hknDLf31WF5U3lWpXsGlA9SNulMz2uGT65CoObTZpMksuDfIZC72M1mpKeenBHGS3RbuPTq8f0IDf8ysg7TACOAgYIt_BwLInFEdv_LrUpLCPJNxFl8pUHikcWvpPaYONoz9a97jhVah9VIC586rFRmMUYWdy1Tdqw3chnfIaEx0xvpExdKMio0_CSdZTSw_BHnmchKobXdtsvDoiZEYim9tposQcELnxMFLZWATW-38ETRHdxJONOf73QLDrKWv8O97G397opVymmfbsguPnTHeS_-WsLHO_pcy46UzF3YVGOlFU_TqS-vc4KkXq60c4mJeoP-Nao

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 00A5 191 KB
54 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 00A5 12 KB
4 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 00A5 87 KB
27 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 00A5 4 KB
2 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 00A5 41 KB
13 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 77536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 00A5 953 B
460 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E4%B8%AD%E9%9B%86%E3%81%AA%E3%83%9C%E3%82%A2%E3%83%A9%E3%83%AB%E6%B2%BB%E3%83%99%E3%82%92%E3%83%B3%E3%82%A3%E3%83%86%E3%83%BC%E5%81%A5%E5%BA%B7%E9%A8%93%E3%82%AE%E3%81%A7%E5%8B%9F

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08340d42424d7732abef832940bce0be4a59b9bc1b6d04979da6a835032c8133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 02:41:34 GMT
server: ESF
date: Wed, 16 Jun 2021 02:41:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 00A5 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 10:14:54 GMT
x-content-type-options: nosniff
server: cafe
age: 59200
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:14:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 00A5 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 73423
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 16 Jun 2021 06:17:51 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13546421949162790032/ Frame 00A5 4 KB
4 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13546421949162790032/downsize_200k_v1?w=400&h=209

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e3a5b1170e9be0242e5530b228d787eaf8c07b7d7a942d749e830792f92e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 02:45:54 GMT
x-content-type-options: nosniff
age: 345340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4060
x-xss-protection: 0
last-modified: Fri, 12 Apr 2019 10:02:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 02:45:54 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5637871389414883323/ Frame 00A5 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5637871389414883323/downsize_200k_v1?w=100&h=100

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f944bf60b63a4b07fc4da609acdb127450877f4437e6f310bf144ed5f48f1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:25:00 GMT
x-content-type-options: nosniff
age: 332194
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2265
x-xss-protection: 0
last-modified: Fri, 12 Apr 2019 08:20:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:25:00 GMT

GET
DATA 200
OK truncated
/ Frame 00A5 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 00A5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d0bede2f39071991ab7213276f607b8ba31fab7f6b6de60e53fea0521f3c1ee

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 00A5 0
0 13ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZ-20FdAKnIoK9Ja_x5xJoz93ki8j51RFgfsSXpb0943akSnsy9uXJfANAXZ_YnuYzf3oqhYA_ex2Sat4ImgibI5jrSg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 00A5 0
0 33ms
32ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZJaz3WTJYOLhI6C4x_APp_ii0A_-kqbSYp_tlPyMCf-UmbqODhABIIbhhSpgkYSAgIwYoAHm46vrA8gBCakCNGmr24tYtD7gAgCoAwHIAwqqBN8BT9CIhD6g9efsyZUMI-bBaE7PXtVwc9hWbUjMbV7Rkk3QOvrFx0Pjf2dkMnMEq3XPgTcS5hZ95ns1cIR_Y8siOsSR0KwxXMESHBDYAQGDbL1sxBJSidUdpbkmjf2zb9uL_Ak1DnUAeDVLWN6AMJD21L-uYsGqnJJw4ZeZrWnmPp-085QRjFr42vI3WZ5y-r8K85ypPptVlxsik3lIphCBVc7a5iWtOnck5c9yHHI4lxR-Wx1nJWtsgYvSR0wBvQX5rZVNiWLoDDNxepSTyx5CjP7G43gMHLF2-33SlYeiscAEntnD9fwB4AQBkgUECAQYAZIFBAgFGASgBi6AB67_-SyoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQm98D0ggJCIjhgBAQARgdgAoDyAsB2BMNiBQC0BUBgBcBshcaChgIABIUcHViLTY1NTA0MTMzNjM2MDI1ODg&sigh=1i2t9QLeNUk&template_id=484
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 font
fonts.gstatic.com/l/ Frame 00A5 9 KB
9 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12UrZGuz91jHLBpYNTatW0IOgjzEpiXuw969v-7gHvimJELr7Dz-Xd7y6VrzthBfrcgBTX4ZWDJ0-aMumP2OCvIG2NBkpGP4tyhcq4x7rEXd&skey=b1468649b9c42538&v=v28

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E4%B8%AD%E9%9B%86%E3%81%AA%E3%83%9C%E3%82%A2%E3%83%A9%E3%83%AB%E6%B2%BB%E3%83%99%E3%82%92%E3%83%B3%E3%82%A3%E3%83%86%E3%83%BC%E5%81%A5%E5%BA%B7%E9%A8%93%E3%82%AE%E3%81%A7%E5%8B%9F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b9d9bbac84bd34ec3392cb9f989c7b5f221b2384f28bc51c041a1d51efec81b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 14:27:40 GMT
x-content-type-options: nosniff
age: 44034
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9480
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Jun 2021 14:27:40 GMT

GET
H3-29 200 font
fonts.gstatic.com/l/ Frame 00A5 9 KB
9 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQaioq12UrZGuz91jHLBpYNTatW0IOgjzEpiXuw969v-7gHvimJELr7Dz-Xd7y6VrzthBfrcgBTX4ZWDJ0-aMumP2OCvIG2NBkpGP4tyhcq4x7rEXd&skey=f8a75aa314b1396f&v=v28

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d19c088b32860d6583a580464123bcb236d4ef91dce2b04034a1813395d62470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 14:27:40 GMT
x-content-type-options: nosniff
age: 44034
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9496
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Jun 2021 14:27:40 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8269 0
0 34ms
33ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG4JskTMJhKqCXirpYguoik8960A1bbq3t7XXysMVu0Wa54ULPsOTLC9RrDXsjfxUa2Zqqq87H4idseztshjMmjfBJcG8wFfNqG0-nhpjtZN8mq4925yOZXQBqpwUVNzeHRlDTJg4GC1T3lh1WBNC84dAGNURxiGVru3EssL0wtkp41oToH8cZJ9sPAOCED6UlI3ZrWdsGqQ0t0K_OzBDpeZVnoVbTe1xLd7BnRAT8emmXdNdpT60-F6grO5L9FwYE_mEw5NDGSDgzn4j2nqXLiIHeYMeHZo5sZV1m-6-yRj8cMOQpzhVGancHtaio8Yk1Ifj7&sai=AMfl-YTPZ0hvRl2lHPnkG2eLaZf09NDvvXb6nULtVDIyp4bRuonQStWaYhn4mrbAm_uu2AzPtuNxs_L4MU8KpMmU1SRmkburzywWE0i0O16bumwEe-BoH7r58l8fVdHNoUPc&sig=Cg0ArKJSzFU9kHTpKoxkEAE&urlfix=1&adurl=

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8269 92 KB
33 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6008bb5a56ad667154ededdb0857f211123324c2df5cec76034a0477a538d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33289
x-xss-protection: 0
server: cafe
etag: 14624666995397892764
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8269 122 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/ Frame 8269 233 KB
86 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.domainelespailles.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d6eda306cb7a8ec61843d32a597bef4a680844987e12bbfabce3a8c66b3786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87957
x-xss-protection: 0
server: cafe
etag: 17726926907594691985
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
DATA 200
OK truncated
/ Frame 8269 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee21ed6a98cd9087f1788e673c25be7fc2874f503c09649a39fe32adf00629df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8269 12 B
497 B 83ms
30ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.domainelespailles.net&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3Dde8c5a000f96a5f7-228b3d6562c80000%3AT%3D1623811293%3AS%3DALNI_MY6UIyBU1_satPKwbGko3qN6dccFg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.domainelespailles.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8269 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.domainelespailles.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8269 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.domainelespailles.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 270B 70 KB
24 KB 322ms
321ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_smrcp&adk=3581086169&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=336&url=https%3A%2F%2Fja.domainelespailles.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623811294443&bpp=10&bdt=30&idt=85&shv=r20210610&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dde8c5a000f96a5f7-228b3d6562c80000%3AT%3D1623811293%3AS%3DALNI_MY6UIyBU1_satPKwbGko3qN6dccFg&correlator=553521272374&frm=23&ife=4&pv=2&ga_vid=1406990335.1623811295&ga_sid=1623811295&ga_hid=1728369943&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1021&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=2459752796&scr_x=0&scr_y=0&eid=44739547%2C31060957&oid=3&pvsid=3500830373632063&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kypulw4wf06w&btvi=1&fsb=1&dtd=97

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdff068371496c555ac8279d03520d5151b377d96a63aadb4375d7bb27135225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_smrcp&adk=3581086169&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=336&url=https%3A%2F%2Fja.domainelespailles.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623811294443&bpp=10&bdt=30&idt=85&shv=r20210610&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dde8c5a000f96a5f7-228b3d6562c80000%3AT%3D1623811293%3AS%3DALNI_MY6UIyBU1_satPKwbGko3qN6dccFg&correlator=553521272374&frm=23&ife=4&pv=2&ga_vid=1406990335.1623811295&ga_sid=1623811295&ga_hid=1728369943&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1021&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=2459752796&scr_x=0&scr_y=0&eid=44739547%2C31060957&oid=3&pvsid=3500830373632063&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kypulw4wf06w&btvi=1&fsb=1&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGsRNpPfovaFMJ8Dt3yxnE5ulDTP7xvDhgLYyiVMr0DByrZGKTqsFcgqeuYIU; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Jun 2021 02:41:34 GMT
server: cafe
content-length: 24497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8269 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8269 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-6550413363602588&c=17&n=0&t=0&w=144&x=2

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 270B 6 KB
668 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_smrcp&adk=3581086169&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=336&url=https%3A%2F%2Fja.domainelespailles.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623811294443&bpp=10&bdt=30&idt=85&shv=r20210610&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dde8c5a000f96a5f7-228b3d6562c80000%3AT%3D1623811293%3AS%3DALNI_MY6UIyBU1_satPKwbGko3qN6dccFg&correlator=553521272374&frm=23&ife=4&pv=2&ga_vid=1406990335.1623811295&ga_sid=1623811295&ga_hid=1728369943&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1021&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=2459752796&scr_x=0&scr_y=0&eid=44739547%2C31060957&oid=3&pvsid=3500830373632063&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kypulw4wf06w&btvi=1&fsb=1&dtd=97

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 01:31:06 GMT
server: ESF
date: Wed, 16 Jun 2021 02:41:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/ Frame 270B 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 02:13:53 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210610/r20110914/ Frame 270B 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210610/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85822f2cdfbdc5f578b262c1956ed9c1f069faae23050da46a23e5ee0632c632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 01:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7078
x-xss-protection: 0
server: cafe
etag: 256548204583862073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 01:56:35 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/ Frame 270B 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 02:25:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 270B 122 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/ Frame 270B 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e0099e4558eac7516502eaf705eda715aaed18678bca9bdea641cd6b03ab2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0
server: cafe
etag: 13708678322133093319
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 02:13:06 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 270B 0
0 14ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3erDGY8DNnUfhGE03cnvYRoWx0aQkWjFpTXViwZGjozu42eFnh3lfg094lJr0_7diYHqkaxNGhV9nUAcwl5YhxACI1Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_smrcp&adk=3581086169&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=336&url=https%3A%2F%2Fja.domainelespailles.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623811294443&bpp=10&bdt=30&idt=85&shv=r20210610&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dde8c5a000f96a5f7-228b3d6562c80000%3AT%3D1623811293%3AS%3DALNI_MY6UIyBU1_satPKwbGko3qN6dccFg&correlator=553521272374&frm=23&ife=4&pv=2&ga_vid=1406990335.1623811295&ga_sid=1623811295&ga_hid=1728369943&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1021&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=2459752796&scr_x=0&scr_y=0&eid=44739547%2C31060957&oid=3&pvsid=3500830373632063&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kypulw4wf06w&btvi=1&fsb=1&dtd=97
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ef1eb58ff665bb7a112fcf12029c3c9f.js Show response
www.gstatic.com/mysidia/ Frame 270B 25 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 19:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10553
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Sep 2021 19:10:16 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/206453551507547857/ Frame 270B 12 KB
12 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/206453551507547857/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58005abe65adc684e142804756cc1c691b297354bc0724a9eeaca3286f900baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:32:22 GMT
x-content-type-options: nosniff
age: 320952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12238
x-xss-protection: 0
last-modified: Mon, 24 Sep 2018 06:31:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:32:22 GMT

GET
DATA 200
OK truncated
/ Frame 270B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4053 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 15 Jun 2021 11:20:29 GMT
expires: Wed, 16 Jun 2021 11:20:29 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55265
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 270B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17eb277a32f4290d2c66e94954559bfa7366b61effb420f93f3b8075376096eb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 270B 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:30:17 GMT
x-content-type-options: nosniff
age: 335477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:30:17 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 270B 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:05:05 GMT
x-content-type-options: nosniff
age: 311789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 12:05:05 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 270B 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:18:32 GMT
x-content-type-options: nosniff
age: 328982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:18:32 GMT

GET /
google2waycm.netmng.com/cm/ Frame 4053 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4053 0
104 B 90ms
62ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEARKb0Raslp_yqMvKeNInd0&google_cver=1&google_push=AYg5qPJ6d1tNAXHx9WqL4h_SZJ5fX93Nzg5JLgVXR-hUo16RZd4iAFGdoTB5EoM2R5GDKFxQ4j5iKvmjZrWNzsYdZTTJpLyW4-dU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_smrcp&adk=3581086169&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=336&url=https%3A%2F%2Fja.domainelespailles.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623811294443&bpp=10&bdt=30&idt=85&shv=r20210610&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dde8c5a000f96a5f7-228b3d6562c80000%3AT%3D1623811293%3AS%3DALNI_MY6UIyBU1_satPKwbGko3qN6dccFg&correlator=553521272374&frm=23&ife=4&pv=2&ga_vid=1406990335.1623811295&ga_sid=1623811295&ga_hid=1728369943&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1021&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=2459752796&scr_x=0&scr_y=0&eid=44739547%2C31060957&oid=3&pvsid=3500830373632063&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kypulw4wf06w&btvi=1&fsb=1&dtd=97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4053
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpWxb-4qY3NoE3Pb9nr1lU&google_push=AYg5qPIx_HkgwEhhzpadbFgLwyXBKb4I6ul2dhPyXabrYDDEVz6ccBpLOh...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpWxb-4qY3NoE3Pb9nr1lU&google_push=AYg5qPIx_HkgwEhhzpadbFgLwyXBKb4I6ul2dhPyXabrYDDEVz6ccBpLOhW4MMunSptBU73sjPEu6mMfUBdZHxFzHdezQsOuFFYq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1623811295.001827,VS0,VE98
x-served-by: cache-fra19152-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpWxb-4qY3NoE3Pb9nr1lU&google_push=AYg5qPIx_HkgwEhhzpadbFgLwyXBKb4I6ul2dhPyXabrYDDEVz6ccBpLOhW4MMunSptBU73sjPEu6mMfUBdZHxFzHdezQsOuFFYq
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4053
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA7CCbR2fPNsOePaqHq7Gcw&google_cver=1&google_push=AYg5qPKGvFVFoBk1dX_FjJRaVuT3C3xAfCSaJdc_RS2gVXGypot8iLhmXNGvez1y0mKOp3sm0QNAXZbwo3E...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGvFVFoBk1dX_FjJRaVuT3C3xAfCSaJdc_RS2gVXGypot8iLhmXNGvez1y0mKOp3sm0QNAXZbwo3E-fD7O7KsmEpHW28dl&google_hm=6mB-sbN4Q1eKcOlnOHUtHQU

170 B
188 B

32ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGvFVFoBk1dX_FjJRaVuT3C3xAfCSaJdc_RS2gVXGypot8iLhmXNGvez1y0mKOp3sm0QNAXZbwo3E-fD7O7KsmEpHW28dl&google_hm=6mB-sbN4Q1eKcOlnOHUtHQU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:34 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGvFVFoBk1dX_FjJRaVuT3C3xAfCSaJdc_RS2gVXGypot8iLhmXNGvez1y0mKOp3sm0QNAXZbwo3E-fD7O7KsmEpHW28dl&google_hm=6mB-sbN4Q1eKcOlnOHUtHQU
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4053
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O2chEj-5Q46qBnN52IwA0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O2chEj-5Q46qBnN52IwA0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJyR9RIqcyJR720GJHqjvZtEyT3PHUzH9A18bj9W5K_ZUyHV4Re2QBqoZvvQLb_tDr82j254Eb5-YWdbD2jFWPFZie2T8jo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O2chEj-5Q46qBnN52IwA0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJyR9RIqcyJR720GJHqjvZtEyT3PHUzH9A18bj9W5K_ZUyHV4Re2QBqoZvvQLb_tDr82j254Eb5-YWdbD2jFWPFZie2T8jo
date: Wed, 16 Jun 2021 02:41:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4053
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB6_5hrVNPyNTKCaWeSWAoo&google_cver=1&google_push=AYg5qPL2GC9jwWJUhHQQyzBQdj8WvSxc_nnEHH_uahcmYHKMt3Syx-oQfbyr76O76hRqxKgbTXi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BZVkJJMjgtMVgtSlFWMA==&google_push=AYg5qPL2GC9jwWJUhHQQyzBQdj8WvSxc_nnEHH_uahcmYHKMt3Syx-oQfbyr76O76hRqxKgbTXiEaWAukFcLJKVo76-9aJ7WV7Q

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BZVkJJMjgtMVgtSlFWMA==&google_push=AYg5qPL2GC9jwWJUhHQQyzBQdj8WvSxc_nnEHH_uahcmYHKMt3Syx-oQfbyr76O76hRqxKgbTXiEaWAukFcLJKVo76-9aJ7WV7Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BZVkJJMjgtMVgtSlFWMA==&google_push=AYg5qPL2GC9jwWJUhHQQyzBQdj8WvSxc_nnEHH_uahcmYHKMt3Syx-oQfbyr76O76hRqxKgbTXiEaWAukFcLJKVo76-9aJ7WV7Q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4053
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMSsq6mQbXSd8BXY2W80RrQ&google_cver=1&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLi...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMSsq6mQbXSd8BXY2W80RrQ&google_cver=1&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLi...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLiqDaYytcDNrG&google_hm=b4ebf3d583d73b5a7c4dd217

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLiqDaYytcDNrG&google_hm=b4ebf3d583d73b5a7c4dd217

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 16 Jun 2021 02:41:35 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6IL7bLe5bT_jymbl32w-D1Q9yAb5lFArZCij5CTnWaJLFBYyt27eEnTH2D7L21hBCKkXRlhMk-tNpn3sLiqDaYytcDNrG&google_hm=b4ebf3d583d73b5a7c4dd217
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4053 0
78 B 35ms
29ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5KsL9fzOWna7i_wjXlFWGY7Z-U-97wCUqMXLZbgXrOIKDguSiyT-zxNjxsu2_JwGOVXoa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8269 0
0 67ms
38ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0LP8afywmMeNaaxFTvZ2ZhtWxMVUkvQrHhO59Si_ghtBqiYf7R-fQ3NfxDfsnYyrkwNpdqf9jspbW5mPVbS1d2wsNb-Uiyj45UfPPAQKLgkxaSZxPJFU83oGlKssQ7LnD6iA_b5YNGEM53NxqPto8pqmrDiVl98gJSpSwk4ZONvR5ljS8ikwoF4DdL7V8uZRynAAxElqCRh4SqE6nGYg2TPAWaXmQKRGqz39IntwfkFL20HcMPXTURTjqnWbioDDmJWUaUMZkKoGrtgGQJvLwBfw0PEwurWSC9nW8SputJgbF_JBBhHzqQc7adkqHzKEIMfW_Ke8&sai=AMfl-YQO60Ka7xRV8icZJUh8tt5OVTLtJW4kcdQ98s1AFTyZWZ2UvdcJzujnuKs-0m2Q4szqjBqP8R97L4-0yYoLseVfhPsv9VfRxxtWN9-wRpXB2LFLTkJuIAV2VYON608Z&sig=Cg0ArKJSzMotZTldi4BpEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Jun 2021 02:41:35 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8269 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210610&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed76d2816c43e365b8a217fed0842efae2585908129fc6e484e8014b100977c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0

GET
H3-29 200 77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js Show response
pagead2.googlesyndication.com/bg/ Frame D743 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 314569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 11:18:45 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8269 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:41:35 GMT

POST
H2 200 71313778 Show response
mc.yandex.com/webvisor/ 43 B
73 B 225ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71313778?wmode=0&wv-part=1&wv-hit=383477836&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&rn=480475993&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1623811295%3Aw%3A1600x1200%3Av%3A562%3Az%3A120%3Ai%3A20210616044135%3Au%3A16238112931003645540%3Avf%3Alvg2sn1re62lx62l%3Awe%3A1%3Ati%3A2%3Ast%3A1623811295

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
last-modified: Wed, 16-Jun-2021 02:41:35 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:35 GMT

POST
H2 200 71313778 Show response
mc.yandex.com/webvisor/ 43 B
280 B 169ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71313778?wmode=0&wv-part=1&wv-hit=383477836&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&rn=374304124&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1623811295%3Aw%3A1600x1200%3Av%3A562%3Az%3A120%3Ai%3A20210616044135%3Au%3A16238112931003645540%3Avf%3Alvg2sn1re62lx62l%3Awe%3A1%3Ati%3A2%3Ast%3A1623811295

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
last-modified: Wed, 16-Jun-2021 02:41:35 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:41:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame BAD3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 15 Jun 2021 19:34:23 GMT
expires: Wed, 15 Jun 2022 19:34:23 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E64E 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1bf8cd515092a6c483693e1e0a2fb91fbc05a4d08d7afe6aa937604ee344bc7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qf9d5J0Cy03VHpU2f8JwoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

expires: Wed, 16 Jun 2021 02:41:35 GMT
date: Wed, 16 Jun 2021 02:41:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qf9d5J0Cy03VHpU2f8JwoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js Show response
pagead2.googlesyndication.com/bg/ Frame BAD3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 314570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 11:18:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8269 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210610&jk=3500830373632063&bg=!QEOlQwfNAAY2kFOVNpA7ACkAdvg8Wsup8Ffd4ju3TeJQE6Ew_ih5ONyKGQd4kIeAWpTrpcg_8vbKigIAAABJUgAAAAhoAQcKAHmLxdIcO_LrtFlAhfn1aoQhlNv4TBDO9s8Q1U4ZWkIQNRhbfbniKWDJwb0_9nZUeOhSx_psxPLgP6a71PhjIYYe38J4tyvoeMMR51tAZTLdTof-56INf50afIrMbEvmKwZjwjLpB-LispXJ4W9nOLOEXKvxznJ6EM5MmQKOMid8rTbgm08ZF6e-Ns3s6B20wAf3AvbygwFzJarkH4aQS-jBOQcC_Ak7drYm3_M-I7r9DmsucZT4IKYk2o46CdUs3CAKz8gMGmMW1Bg4WPkJII0KOcp-CiYVVcN4bsoXBkWQZyc9bYlSmWYx9fvHX8lzRPr7mSvDcu9YGr7iM72A6b2XJdqS0-qtoefDerpulQK982EE8dU7OWKGCVKP9nCgQbHhtlN1Fa3S__2K9Su9ZgayLQuXwLm8MIWknlu_QXXoko23e_KxxD76ZOq1U83I64rapxyN_NbU6rTddEWobcnt6nMibMe3qdVygqJ1PWADCKGvQPF6B6FdzXug6uxIgPJk98iFTGOfRfrek2m30bCG-U09ReMVjpWl-TuHT8fbCz9-4gD5i3FsayT23e5iqo6B7yvVF8owJ2bFRNQK4CR4qCt3c_XDVOQMnx-ChCb04uX-g0jVRKi1qbbqcGK8H-0InL_A_Wrn3qRNgGhx60RIbneb1fcEoRnlf9z6cE_5VqS5rnbp1NDIGhYrlna3B5LI1SGYX66sINXHYuIRjh1NixaIZmsm-6IcGTsfd77UoP6glUXXmGZH5bNzEYe8ydq6yvN1y-i9A2unlX1EBElbJ5h9osZGlsfGXaLbbEs08fNH5UYCg37JeKxHm0BYmH1XOE8LHVEMfj7CbHyrJWZKZyzUMUwWcakQ2r6QvYF8dRCeS--LDan6eolYH8fwVRpLQubttc8LMWHTtb7fjCjP0r64rf9Pare5nVMJpV_0CRLNEAyhxD7mU5gWY57LFlcZJNe3LfFsBrcrzjcvB-exELIZ6OkFZsO_pUD1fI7w-2_eECqdrflNRl4l6Hvd4hgfLmB1pKMqO_cu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 956F 42 B
64 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2Et9Zk2g547BUpoPF74yMs1Evmt4B6GuL5MrebLmWhaMyZfd5VD4GIDJkc-NL9HDfl88q_z3Rm8RgBHxQhoVCPdjMk6nhRGrJiYKhXrsMKYrqYBjKJeqLKZskxQ&sai=AMfl-YSyECd55c_1GK0mnSL2FCd1vZoHPGeZDsZLunRBxA0IaPuA8Rl1iefWQQWc_tDmnR0w-5jHgVyXh59S9iXWm4r45b7OEjEtRsr32wegCl2eZhqkUn6kDBC3DLoAPkyT&sig=Cg0ArKJSzD53pVv74ghmEAE&id=ampim&o=0,1225&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=200&tls=1497&g=52.222222089767456&h=100&tt=1497&r=v&avms=ampa&adk=4269143605

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:41:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/Stein-Icons.ttf?6g2d1r

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqwqcsdrM.woff

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/qkBWXvYC6trAT7zuC8m5xL1lmgzD.woff

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-pgGIyY0.woff

Domain: domainelespailles.net
URL: https://domainelespailles.net/include/usb/dedicated-mouse-and-keyboard-on-virtualbox-vm.jpg

Domain: domainelespailles.net
URL: https://domainelespailles.net/include/windows/why-does-connecting-to-my-work-vpn-cause-my-internet-to-not-work.jpg

Domain: domainelespailles.net
URL: https://domainelespailles.net/include/virtual/how-does-virtualboxs-memory-usage-work.jpg

Domain: domainelespailles.net
URL: https://domainelespailles.net/include/linux/what-does-the-execute-permission-do.jpg

Domain: domainelespailles.net
URL: https://domainelespailles.net/include/hard/windows-disk-i-o-100-at-boot-for-20-minutes.jpg

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/Stein-Icons.woff?6g2d1r

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEJSD40Hdo1zNSkoiECv-XbQ&google_cver=1&google_push=AYg5qPKOHf8jiIXwXJi_ZlVIF-PDbFd_vek5OT5YBHIeJ1JtNeqRXECB-F8jmlmP75hYxu30eU1M3FCtG1oceJd50CqTBI3UYfaJ

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.domainelespailles.net/	1970-01-20 03:49:07	Name: euconsent-v2 Value: CPH3fChPH3fChAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.domainelespailles.net/	1970-01-20 03:49:07	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdhMTJiMWYtZTM5Yy02ZGYzLWE2YjEtNDdlMjNkNzY0YzFhIiwiY3JlYXRlZCI6IjIwMjEtMDYtMTZUMDI6NDE6MzIuODU1WiIsInVwZGF0ZWQiOiIyMDIxLTA2LTE2VDAyOjQxOjMyLjg1NVoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.domainelespailles.net/	1970-01-19 19:04:43	Name: _ym_isad Value: 2
.domainelespailles.net/	1970-01-19 19:03:33	Name: _ym_visorc Value: w
.domainelespailles.net/	1970-01-20 03:49:07	Name: _ym_d Value: 1623811293
.domainelespailles.net/	1970-01-20 03:49:07	Name: _ym_uid Value: 16238112931003645540

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://domainelespailles.net/template/domainelespailles/js/scripts.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	error	URL: https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.4
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx->start full check gdpr
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx -> DE
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt -> START GDPR
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt->cmp-> onReady
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt native v.1.1
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://ja.domainelespailles.net/
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://ja.domainelespailles.net/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4aff55baca3305e54bff4730d039d419.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ap.lijit.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
code.jquery.com
counter.yadro.ru
cst.cstwpush.com
dclk-match.dotomi.com
domainelespailles.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geolocation.onetrust.com
google2waycm.netmng.com
googleads.g.doubleclick.net
i.ibb.co
image6.pubmatic.com
ja.domainelespailles.net
js.wpushsdk.com
load02.biz
mc.yandex.com
mc.yandex.ru
na.nawpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
securepubads.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
domainelespailles.net
google2waycm.netmng.com
142.250.185.162
142.250.186.98
143.198.248.64
145.239.131.60
151.101.14.49
151.101.65.195
185.64.189.115
2001:4de0:ac18::1:a:2a
205.185.216.10
213.174.135.25
216.52.2.19
2606:4700:10::6814:b944
2606:4700:3032::6815:976
2606:4700:3035::ac43:bd3d
2606:4700::6810:5514
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a02:6b8::1:119
2a02:fa8:8806:20::2010
35.186.193.173
69.173.144.139
88.212.201.210
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
08340d42424d7732abef832940bce0be4a59b9bc1b6d04979da6a835032c8133
0b22d07aac3832950f48e6edbfa6b6407665dae0d38bc97a5e3391841f49b42f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0bede2f39071991ab7213276f607b8ba31fab7f6b6de60e53fea0521f3c1ee
17eb277a32f4290d2c66e94954559bfa7366b61effb420f93f3b8075376096eb
18bde5c1efa2dffc3afbd62a5b43876514a123f8ce24cb07665b9132a9b625cc
1bf8cd515092a6c483693e1e0a2fb91fbc05a4d08d7afe6aa937604ee344bc7e
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f32cf171dd7f82fb2182b245d3aa3fbefe7323e958a8e55fbb9f3e33eb357b4
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6
24a3efb9f1e04a39d3b84536da7115faca1fcbb16aa8c9309df6fab4ce0f8bf5
28cf7859b74a8156ae7ba826ee6dba9b4cae1d9c07f4b36c8588a54c6610ed16
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5c6a535777a1449d3bb1af4ad5c16f91a4bd32c72f0264f43053f833bb9f65
2f944bf60b63a4b07fc4da609acdb127450877f4437e6f310bf144ed5f48f1e7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
339106ca1ee04659f2073f307a2f5ff696c0e659d2651e6067021021d1f0e456
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5
393ed5dd9e9960a04910ef73024a123165a0953d98fd7f225db7adfbc569e144
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
3edbc5e6a799b1515eae57a1068a2b6b0ebbe2c0327be24b9064582a0294911c
4284ff08a90535b8e2fd39a410860b87da18b8b2a066f5fec8130d40596a41ed
463372edb7ab8600022a1bf6f37a69a13006b84c8767c3067c3ce8668a28eefd
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5469240181fbf3777af8354063ec16afdebe2825c2e8d8851fa239ebb7d1f7ba
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58005abe65adc684e142804756cc1c691b297354bc0724a9eeaca3286f900baa
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
6091f34de2e364702c49646afb69f67a2f31a5aa986c0e6e09429c120ee35b8b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61b2e0246c6024848301ece84ee30d4de60739c519c53557d884af2a46530aeb
661da0d34f3cb56cb1c2c1d06fd36cff87404a6584a95dfa8a1ae241da897efe
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
6b9d9bbac84bd34ec3392cb9f989c7b5f221b2384f28bc51c041a1d51efec81b
6c366862e4b2eea151a827231deda05a425701b7a74e767a90918e04d2b3be18
6e0099e4558eac7516502eaf705eda715aaed18678bca9bdea641cd6b03ab2a8
6fab2d6072b8fe9a1b71085c176323c6dafa4c77b3332bf790b7279cd1679480
70121c07a1ad20e02f8d18794c4127f539ca66afbf21c486ad59a2b470a3cb50
756fd3fb00c7cd15fcf546b6c5eee2c6a2784814a423e16f7d2130155d28a893
7a51d819b8eb2a916a2e54ffcb7a4bc1c9233a60ef073c656bd0a802ed8b7207
7f1ca4f821bd41f887369d2fec6759d6ab5d59e71568bd62a4cba8c429cceb1f
7f380c229eceaa62338664d9893e6360df7332616d4b8a71d9ddfe2a0e3023b1
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
85822f2cdfbdc5f578b262c1956ed9c1f069faae23050da46a23e5ee0632c632
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
86d6eda306cb7a8ec61843d32a597bef4a680844987e12bbfabce3a8c66b3786
87ea37d635a72fa8f81d9adcdd4157bf3a3e00b187a320ffab450a474dffe882
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
903b7d70660ecd4b49d3878998c2118064c37cf88be82af6eb023744ed379033
92df889ddd5703f4fda390c62b9fef4fe94a142632ca8f2ab5ae0409136661ea
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
a0ffa1d7124a1092b3226eda5e1186cbaa923d1f85c231582ea117cc1f99dc05
a1e04ef0c73da184e7b9c2a7c2e2f34979823915f3f523a280f5fee3e5292f65
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a810e1302216d25b1aacd80a9aa1437d270806fcea9ee061554682f24afe2a31
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
af570e147e0822a7f3c73b38c1263537d033b891f04ed734f3b613a13e1ec3c8
b1e3a5b1170e9be0242e5530b228d787eaf8c07b7d7a942d749e830792f92e34
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d19c088b32860d6583a580464123bcb236d4ef91dce2b04034a1813395d62470
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ed76d2816c43e365b8a217fed0842efae2585908129fc6e484e8014b100977c3
ee21ed6a98cd9087f1788e673c25be7fc2874f503c09649a39fe32adf00629df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782
f0c021564cad6922c1bf9b978d9083d59e16c3b62d665bba4fd7e0b912dbc5df
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f6008bb5a56ad667154ededdb0857f211123324c2df5cec76034a0477a538d61
fdff068371496c555ac8279d03520d5151b377d96a63aadb4375d7bb27135225
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

ja.domainelespailles.net Open in urlscan Pro 2606:4700:3032::6815:976 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

92 %HTTPS

58 %IPv6

29 Domains

36 Subdomains

27 IPs

6 Countries

2896 kBTransfer

6406 kBSize

6 Cookies

38 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ja.domainelespailles.net Open in urlscan Pro
2606:4700:3032::6815:976 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

92 %
HTTPS

58 %
IPv6

29
Domains

36
Subdomains

27
IPs

6
Countries

2896 kB
Transfer

6406 kB
Size

6
Cookies

145 HTTP transactions
8 data transactions