felixassurance.com Open in urlscan Pro
52.28.142.34 Public Scan

URL:
http://felixassurance.com/
Submission: On April 14 via api (April 14th 2021, 8:04:42 pm UTC) from US

Summary HTTP 102 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 41 domains to perform 102 HTTP transactions. The main IP is 52.28.142.34, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is felixassurance.com.

This is the only time felixassurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	52.28.142.34 52.28.142.34	16509 (AMAZON-02) (AMAZON-02)
7	52.29.63.121 52.29.63.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	195.181.167.173 195.181.167.173	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2 5	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2600:9000:20e... 2600:9000:20e8:de00:15:22d9:2ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	89.185.38.89 89.185.38.89	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
1	99.84.156.104 99.84.156.104	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e6:... 2606:4700:e6::ac40:c71e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.28.144.62 52.28.144.62	16509 (AMAZON-02) (AMAZON-02)
1	52.209.237.98 52.209.237.98	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	99.84.156.4 99.84.156.4	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	99.84.156.56 99.84.156.56	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:4cc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	145.239.193.53 145.239.193.53	16276 (OVH) (OVH)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
26 27	3.120.242.149 3.120.242.149	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	18.184.39.197 18.184.39.197	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	188.132.147.228 188.132.147.228	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
1	54.246.18.165 54.246.18.165	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 4	95.131.143.205 95.131.143.205	47841 (OXALIDE) (OXALIDE)
1	46.105.203.81 46.105.203.81	16276 (OVH) (OVH)
2 2	145.239.211.22 145.239.211.22	16276 (OVH) (OVH)
2	164.132.142.74 164.132.142.74	16276 (OVH) (OVH)
3	89.185.38.83 89.185.38.83	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
102	44

19 52.28.142.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com

felixassurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.29.63.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com

oui-assure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.167.173 (Madrid, Spain)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-195-181-167-173.datapacket.com

sync.bidpro.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20e8:de00:15:22d9:2ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d390gshugb75wr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.185.38.89 (Paris, France) 1 redirects

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

u.logbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-104.txl52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c71e (United States)

ASN13335 (CLOUDFLARENET, US)

secureanalytic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.144.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-144-62.eu-central-1.compute.amazonaws.com

www.trck20.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.237.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-237-98.eu-west-1.compute.amazonaws.com

www.weedoit.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-4.txl52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-56.txl52.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:4cc9 (United States)

ASN13335 (CLOUDFLARENET, US)

event.smpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 145.239.193.53 (France)

ASN16276 (OVH, FR)

asset.easydmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sq.otooxo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sqdt.futurasciences.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg-sq.hopmailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 3.120.242.149 (Frankfurt am Main, Germany) 26 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-242-149.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.39.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-39-197.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.132.147.228 (Turkey) 1 redirects

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-228-147-132-188.sadecehosting.net

ads4.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads3.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.151 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.18.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.131.143.205 (France) 2 redirects

ASN47841 (OXALIDE, FR)

sync.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.203.81 (France)

ASN16276 (OVH, FR)

cdn.kdata.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.211.22 (Valence, France) 2 redirects

ASN16276 (OVH, FR)

p.crm4d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 164.132.142.74 (France)

ASN16276 (OVH, FR)

tracking.kdata.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.185.38.83 (Paris, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

me.hunkal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	bidswitch.net 26 redirects x.bidswitch.net	14 KB
19	felixassurance.com felixassurance.com	535 KB
14	easydmp.net asset.easydmp.net	35 KB
7	oui-assure.net oui-assure.net	343 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	318 KB
6	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	6 KB
5	google.com www.google.com	17 KB
4	commander1.com 2 redirects sync.commander1.com	3 KB
3	hunkal.com me.hunkal.com	5 KB
3	kdata.fr cdn.kdata.fr tracking.kdata.fr	4 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	logbor.com 1 redirects u.logbor.com	4 KB
3	cloudfront.net d390gshugb75wr.cloudfront.net	6 KB
2	crm4d.com 2 redirects p.crm4d.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1007 B
2	admatic.com.tr 1 redirects ads4.admatic.com.tr ads3.admatic.com.tr	642 B
2	3lift.com 1 redirects eb2.3lift.com	726 B
2	doubleclick.net 1 redirects cm.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	smpush.com event.smpush.com
2	google-analytics.com www.google-analytics.com	19 KB
2	yimg.com s.yimg.com	7 KB
2	bidpro.io sync.bidpro.io	36 KB
1	hopmailing.com rtg-sq.hopmailing.com	414 B
1	futurasciences.fr sqdt.futurasciences.fr	414 B
1	otooxo.com sq.otooxo.com	415 B
1	google.de www.google.de	108 B
1	outbrain.com sync.outbrain.com	472 B
1	gumgum.com rtb.gumgum.com	238 B
1	unrulymedia.com sync.targeting.unrulymedia.com	452 B
1	rubiconproject.com pixel.rubiconproject.com	786 B
1	admixer.net inv-nets.admixer.net	448 B
1	pubmatic.com simage2.pubmatic.com	745 B
1	taboola.com sync-t1.taboola.com	229 B
1	contextweb.com bh.contextweb.com	717 B
1	smartadserver.com rtb-csync.smartadserver.com	684 B
1	googleadservices.com www.googleadservices.com	17 KB
1	weedoit.fr www.weedoit.fr	637 B
1	trck20.fr www.trck20.fr	959 B
1	secureanalytic.com secureanalytic.com	3 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
102	41

	Domain	Requested by
27	x.bidswitch.net	26 redirects felixassurance.com
19	felixassurance.com	felixassurance.com
14	asset.easydmp.net	www.trck20.fr asset.easydmp.net felixassurance.com cdn.kdata.fr
7	oui-assure.net	felixassurance.com
5	secure.adnxs.com	2 redirects felixassurance.com
5	www.google.com	felixassurance.com www.gstatic.com www.google.com
4	sync.commander1.com	2 redirects felixassurance.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	me.hunkal.com	felixassurance.com u.logbor.com me.hunkal.com
3	u.logbor.com	1 redirects felixassurance.com
3	d390gshugb75wr.cloudfront.net	felixassurance.com oui-assure.net d390gshugb75wr.cloudfront.net
2	tracking.kdata.fr	cdn.kdata.fr felixassurance.com
2	p.crm4d.com	2 redirects
2	sync.1rx.io	2 redirects
2	eb2.3lift.com	1 redirects felixassurance.com
2	event.smpush.com	secureanalytic.com
2	fonts.gstatic.com	www.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	felixassurance.com s.yimg.com
2	sync.bidpro.io	felixassurance.com sync.bidpro.io
1	rtg-sq.hopmailing.com	asset.easydmp.net
1	sqdt.futurasciences.fr	asset.easydmp.net
1	sq.otooxo.com	asset.easydmp.net
1	cdn.kdata.fr	felixassurance.com
1	www.google.de	felixassurance.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	sync.outbrain.com	felixassurance.com
1	rtb.gumgum.com	felixassurance.com
1	sync.targeting.unrulymedia.com	felixassurance.com
1	pixel.rubiconproject.com	felixassurance.com
1	inv-nets.admixer.net	felixassurance.com
1	simage2.pubmatic.com	felixassurance.com
1	ads3.admatic.com.tr	felixassurance.com
1	ads4.admatic.com.tr	1 redirects
1	ib.adnxs.com	felixassurance.com
1	sync-t1.taboola.com	felixassurance.com
1	cm.g.doubleclick.net	1 redirects
1	bh.contextweb.com	felixassurance.com
1	rtb-csync.smartadserver.com	felixassurance.com
1	www.googleadservices.com	sync.bidpro.io
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.weedoit.fr	oui-assure.net
1	www.trck20.fr	felixassurance.com
1	secureanalytic.com	felixassurance.com
1	static.hotjar.com	felixassurance.com
1	cdn.onesignal.com	felixassurance.com
1	www.googletagmanager.com	felixassurance.com
102	48

This site contains links to these domains. Also see Links.

Domain
www.weedoit.fr
www.bloctel.gouv.fr
www.mongustave.fr
oui-assure.net

Subject Issuer	Validity	Valid
*.oui-assure.net Gandi Standard SSL CA 2	`2021-03-26` - `2022-04-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.bidpro.io Go Daddy Secure Certificate Authority - G2	`2021-01-10` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-24` - `2021-05-12`	2 months	crt.sh
*.logbor.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
trck20.fr Gandi Standard SSL CA 2	`2021-01-06` - `2022-01-06`	a year	crt.sh
weedoit.fr Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
asset.easy-gain75.com R3	`2021-03-14` - `2021-06-12`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
ads4.admatic.com.tr R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2020-08-17` - `2021-11-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.commander1.com Thawte RSA CA 2018	`2020-08-05` - `2021-11-01`	a year	crt.sh
*.kdata.fr RapidSSL RSA CA 2018	`2019-04-11` - `2021-07-10`	2 years	crt.sh
squa.lagendadesventesprivees.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://felixassurance.com/
Frame ID: A98863C0CD998C7DC02C543649935855
Requests: 69 HTTP requests in this frame

Frame: https://www.trck20.fr/tr/aff.php?identifiant=Y2FtcGFnbmU9YWNjZXMtZGlyZWN0X0ZlbGl4IGFzc3VyYW5jZV9WaXN1ZWw=
Frame ID: 028EBC63DF084CB242FA5D23E3A98238
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw&co=aHR0cDovL2ZlbGl4YXNzdXJhbmNlLmNvbTo4MA..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=9a5c6rz2wemz
Frame ID: E9E0C3F3BAD2C323BA31A00B6682AFEE
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 060093F8381B5EC22F0044E349A4051F
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/client_iframe.html?t=224782
Frame ID: 2BA696A300674803E7540AC3BBDAEC0B
Requests: 17 HTTP requests in this frame

Frame: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=STkhHNEVCcYhkvrP9oCrb9YNdKJUv1VZCdJM-8tDZ_M
Frame ID: 84B6A177FB84B4D00D5A745FA5200342
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/client_iframe.html?t=224782
Frame ID: 3A29EC4E42175ED8CD95A40A956681E5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

102
Requests

77 %
HTTPS

31 %
IPv6

41
Domains

48
Subdomains

44
IPs

9
Countries

1466 kB
Transfer

2238 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.weedoit.fr/main/cookies.php
Title: En savoir plus

Search URL Search Domain Scan URL

URL: http://www.bloctel.gouv.fr/
Title: lien

Search URL Search Domain Scan URL

URL: https://www.mongustave.fr/
Title: comparateur d’assurances

Search URL Search Domain Scan URL

URL: https://oui-assure.net/mentions-legales.php?url=F%C3%A9lix%20Assurance
Title: Mentions légales

Search URL Search Domain Scan URL

URL: http://www.weedoit.fr/
Title: Réalisations

Search URL Search Domain Scan URL

URL: http://www.weedoit.fr/hebergement/26-04-2018-0806-Presentation-RGPD.pdf
Title: Présentation RGPD

Search URL Search Domain Scan URL

URL: http://www.weedoit.fr/tracking/politique.html
Title: Politique de confidentialité

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://secure.adnxs.com/seg?add=12498404&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12498404%26t%3D1

Request Chain 28

http://u.logbor.com/p/?i=3169&n=__dot HTTP 301
https://u.logbor.com/p/?i=3169&n=__dot

Request Chain 57

http://u.logbor.com/tcs?cxid=3169&cu=http%3A%2F%2Ffelixassurance.com%2F&d_categoryID=15053&d_productID=15053&d_cartProductsID=15053&d_cartAmount=15053&d_orderID=15053 HTTP 307
https://u.logbor.com/tcs?cxid=3169&cu=http%3A%2F%2Ffelixassurance.com%2F&d_categoryID=15053&d_productID=15053&d_cartProductsID=15053&d_cartAmount=15053&d_orderID=15053

Request Chain 61

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=smartadserver HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&gdpr=&gdpr_consent=

Request Chain 62

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pulsepoint HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pulsepoint HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=eafe3084-7d24-4f30-b933-9d596b4c5a3e

Request Chain 63

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=google HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=6v4whH0kTzC5M51Za0xaPg== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEBFpHjT-m0Rg1S19OArcR-I&google_cver=1

Request Chain 64

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eafe3084-7d24-4f30-b933-9d596b4c5a3e

Request Chain 65

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=triplelift HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 66

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=appnexus HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=appnexus HTTP 302
https://ib.adnxs.com/setuid?entity=388&code=eafe3084-7d24-4f30-b933-9d596b4c5a3e

Request Chain 67

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&user_group=1&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&user_group=1&expires=30 HTTP 302
https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=d4efa60e-1646-4c2a-a351-39857698c4ee&dsp_uuid=&dsp_id= HTTP 302
https://ads3.admatic.com.tr/user?bsw_uuid=d4efa60e-1646-4c2a-a351-39857698c4ee&dsp_uuid=&dsp_id=

Request Chain 68

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pubmatic HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 69

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=admixer HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&consent=&gdpr_pd=

Request Chain 70

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=rubicon HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=d4efa60e-1646-4c2a-a351-39857698c4ee&expires=30

Request Chain 71

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=adconductor HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=adconductor HTTP 302
https://sync.1rx.io/usersync/bidswitch/d4efa60e-1646-4c2a-a351-39857698c4ee?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/d4efa60e-1646-4c2a-a351-39857698c4ee?zcc=1&dspret=0&cb=1618430666346 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ecefb127-f501-4a53-8ec4-aa4945f7c92d-003

Request Chain 72

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=gumgum2 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=gumgum2 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=d4efa60e-1646-4c2a-a351-39857698c4ee

Request Chain 73

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=outbrain HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=outbrain HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 83

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId HTTP 302
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1

Request Chain 85

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/161843066324895216 HTTP 302
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/161843066324895216&firsttime=1

Request Chain 86

https://p.crm4d.com/sync/ematch/getuid?uid=161843066324895216&redirect=https://asset.easydmp.net/collect_v2.img.php?dmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D$C4D_UID HTTP 303
https://p.crm4d.com/sync/ematch/getuid?uid=161843066324895216&redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D%24C4D_UID&bounce=1 HTTP 303
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=STkhHNEVCcYhkvrP9oCrb9YNdKJUv1VZCdJM-8tDZ_M

Request Chain 93

https://secure.adnxs.com/getuid?https%3A%2F%2Ftracking.kdata.fr%2Fsync%3Feditor%3Dappnexus%26id_sync%3D$UID%26customer%3Dcapitaldata_crm HTTP 302
https://tracking.kdata.fr/sync?editor=appnexus&id_sync=5152528317662335851&customer=capitaldata_crm

102 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
felixassurance.com/ 139 KB
140 KB 105ms
66ms Document
text/html 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: d7ba7163e0fa9eecb0046ad0c5cb59f20bf29b945e120b7e5cefa070aea49b8a

Request headers

Host: felixassurance.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:20 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
Upgrade: h2,h2c
Connection: Upgrade, close
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK font-awesome.min5152.css
felixassurance.com/css/fonts/ 27 KB
27 KB 65ms
51ms Stylesheet
text/css 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/css/fonts/font-awesome.min5152.css
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: fc523a141014689bfdcf1a5161a574eeb0d122aa9c845456ea6d6e6d2740d403

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Tue, 08 Nov 2016 14:56:55 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "6b2e-540cb59f01bc0"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 27438

GET
H/1.1 200
OK app5152.css
felixassurance.com/css/ 64 KB
64 KB 66ms
51ms Stylesheet
text/css 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/css/app5152.css
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 4129ffc19e794066985d0ae5f70862d159b7d8215b94680b96f90572cb2d3283

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 24 Oct 2018 09:02:18 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "10080-578f5be43fa80"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 65664

GET
H/1.1 200
OK style5152.css
felixassurance.com/css/ 20 KB
21 KB 67ms
51ms Stylesheet
text/css 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/css/style5152.css
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 80e25784d5f44f770d125fe753d9335c0a5c4cdc692992f49059810a33723015

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 24 Oct 2018 08:59:25 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "5162-578f5b3f43540"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 20834

GET
H/1.1 200
OK form1c9b.css
felixassurance.com/css/ 25 KB
25 KB 71ms
55ms Stylesheet
text/css 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/css/form1c9b.css
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 4a663607d4bc3e0b35cb3e8af3fe429ea4163ef9ac90627213d9669549c4b9a1

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 24 Oct 2018 09:19:08 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "64a1-578f5fa775b00"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 25761

GET
H/1.1 200
OK default.css
felixassurance.com/css/ 7 KB
7 KB 67ms
51ms Stylesheet
text/css 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/css/default.css
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 88306c89ab4760e1419984aa8f59e69001fe6608e1aac557c51415e757023ff6

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Mon, 21 Dec 2020 10:40:53 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "1c8c-5b6f7179e9740"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 7308

GET
H/1.1 200
OK reset.css
felixassurance.com/css/ 2 KB
2 KB 128ms
50ms Stylesheet
text/css 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/css/reset.css
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 12c4e790cc57a643f00f212a026e3015ca2a07ea0a39cf9b7dfedc7949790747

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Fri, 18 May 2018 14:16:53 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "61d-56c7b9a88ff40"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1565

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
oui-assure.net/js/ 91 KB
92 KB 114ms
30ms Script
application/javascript 52.29.63.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oui-assure.net/js/jquery-1.8.3.min.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.63.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 14 Oct 2015 10:00:46 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "16dc5-5220da2df0f80"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 93637

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
676 B 21ms
17ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dc388686a1e70d77ae6db25d11b25343184b354fcb1c1d2a101d8f617a8ec52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Wed, 14 Apr 2021 20:04:21 GMT

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.min.js Show response
oui-assure.net/js/ 232 KB
233 KB 113ms
29ms Script
application/javascript 52.29.63.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oui-assure.net/js/jquery-ui-1.9.2.custom.min.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.63.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: eb6eabe7796192c4d74dceca9a3a7080c8b3d93ae89585f9a6cff49890a58fb1

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 14 Oct 2015 10:00:46 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "3a118-5220da2df0f80"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 237848

GET
H/1.1 200
OK jquery.ui.datepicker-fr.js Show response
oui-assure.net/js/ 1 KB
1 KB 113ms
29ms Script
application/javascript 52.29.63.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oui-assure.net/js/jquery.ui.datepicker-fr.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.63.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 6b392bebb416b3de2ec6212a0f322b603f1346c84a44f69547695fc8c2e47d97

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 14 Oct 2015 10:00:48 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "407-5220da2fd9400"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1031

GET
H/1.1 200
OK jquery.maskedinput-1.3.min.js Show response
oui-assure.net/js/ 6 KB
6 KB 113ms
30ms Script
application/javascript 52.29.63.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oui-assure.net/js/jquery.maskedinput-1.3.min.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.63.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Thu, 25 Oct 2018 14:38:14 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "18ae-5790e8d7f8180"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 6318

GET
H/1.1 200
OK jquery.numeric.js Show response
oui-assure.net/js/ 8 KB
9 KB 176ms
31ms Script
application/javascript 52.29.63.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oui-assure.net/js/jquery.numeric.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.63.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: ca931980a8224b010b1aee7069208b8e89d0a3a0b202592bc55a7c1a67a741ec

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Mon, 19 Oct 2015 16:54:18 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "21d9-52277fefd0280"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 8665

GET
H/1.1 200
OK verify_tel.js Show response
oui-assure.net/js/ 918 B
1 KB 178ms
31ms Script
application/javascript 52.29.63.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oui-assure.net/js/verify_tel.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.63.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 7bc026188b43edcf94ebc903abb742d09cbd6ce84d9ada4218e8f07058dbd703

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Mon, 31 Jul 2017 10:35:44 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "396-5559a97d20000"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 918

GET
H/1.1 200
OK captcha_function.js Show response
oui-assure.net/captcha/js/ 764 B
1 KB 218ms
31ms Script
application/javascript 52.29.63.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oui-assure.net/captcha/js/captcha_function.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.63.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-121.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 8b482b663835f1b69de5b98e5b669a9e364db3beaf1feb23e6373ee4a4162d19

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Thu, 23 Jul 2020 14:31:28 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "2fc-5ab1cb6365000"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 764

GET
H/1.1 200
OK fct_js_plateforme_newV1.js Show response
felixassurance.com/js/ 22 KB
22 KB 154ms
61ms Script
application/javascript 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/js/fct_js_plateforme_newV1.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: d57a3719129938ea166c498d2dd7a3628036c7c964a55c6d9979af86fcf1b6a3

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Tue, 28 Jul 2020 10:28:53 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "5819-5ab7de7df8340"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 22553

GET
H/1.1 200
OK 1708b1830ad04b63767 Show response
sync.bidpro.io/tracing/ 31 KB
31 KB 1333ms
95ms Script
text/plain 195.181.167.173
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bidpro.io/tracing/1708b1830ad04b63767
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.181.167.173 Madrid, Spain, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-195-181-167-173.datapacket.com
Software: nginx /
Resource Hash: bb98f3b92e59ee90b12fcf8a8e9bd4cc9a02e2f39afc786a63972f06e15fc097

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:06:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 31560

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 26ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135913608-1

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

252fa30ee8306bd8c39e4e77a8c63bf2873b9cddf337ef2fbe948499b445bd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39182
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 18:01:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Apr 2021 20:04:21 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=12498404&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12498404%26t%3D1

0
1021 B

33ms
32ms

Script
application/javascript

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12498404%26t%3D1

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:21 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.238:80
AN-X-Request-Uuid: 64f8e9ca-b834-450c-bbc2-47a857bc1af5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:21 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.177:80
AN-X-Request-Uuid: ef9ea6b9-3940-48d8-901f-6460b232e8b8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12498404%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jquery.cookiemsg.js Show response
d390gshugb75wr.cloudfront.net/js/ 2 KB
2 KB 73ms
30ms Script
application/javascript 2600:9000:20e8:de00:15:22d9:2ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d390gshugb75wr.cloudfront.net/js/jquery.cookiemsg.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:de00:15:22d9:2ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7688b17c39239f2a83c5ba37a7d3af924315a9ade480f3eef5b00a313a8030e0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
via: 1.1 41232b1248b5064ae14550b383a46695.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jun 2018 07:37:08 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "e286c9fa7a4f51fb5670af821b405944"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1670
x-amz-cf-id: HHdCRZIkjG2ReHpZdJqTPGyFOJ6wZIbBWZvz258rQmSWiDbCQxXuSA==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 47ms
28ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3470
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 63ff8af0fe264abd-FRA
cf-request-id: 0973952a9a00004abd05391000000001
expires: Sat, 17 Apr 2021 20:04:21 GMT

GET
H/1.1 200
OK logo.jpg
felixassurance.com/images/ 18 KB
18 KB 61ms
47ms Image
image/jpeg 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/logo.jpg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 608ad6659ae73d2251ae13ea4181e9da8aa2a476170b1b9dc0249a22e4b26f62

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Thu, 10 Nov 2016 15:42:46 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "4783-540f43997c980"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 18307

GET
H/1.1 200
OK img_offre.jpg
felixassurance.com/images/ 75 KB
76 KB 61ms
47ms Image
image/jpeg 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/img_offre.jpg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: f169d6d6a5ca2989d9ca60cefcdd30dd4ca630e9fbaecc65ae049a752263df1f

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Thu, 09 Feb 2017 11:49:21 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "12d38-5481792639240"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 77112

GET
H/1.1 200
OK ekomi.jpg
felixassurance.com/images/ 27 KB
27 KB 78ms
64ms Image
image/jpeg 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/ekomi.jpg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: fa4a9c667a6c76f77824c94e1ef5026a018ea3d4b2f71f4cd92ac76c6f1397d7

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Thu, 10 Nov 2016 15:46:28 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "6b09-540f446d33d00"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 27401

GET
H/1.1 200
OK logomongustave.png
felixassurance.com/images/ 9 KB
9 KB 67ms
54ms Image
image/png 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/logomongustave.png
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 452fa66576ad84267f446c6477c7261fe9cd96c033b5dbdd50920c89d32bfa02

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Mon, 21 Dec 2020 09:28:29 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "23aa-5b6f614b26940"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9130

GET
H/1.1 200
OK date-fr-FR1c9b.js Show response
felixassurance.com/v2/js/ 30 KB
30 KB 58ms
47ms Script
application/javascript 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/v2/js/date-fr-FR1c9b.js
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: d845b73477dbeb9ec3c3966783433916bea81a885f681cb62866b0ea6b0a6e82

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Tue, 08 Nov 2016 14:56:55 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "77cb-540cb59f01bc0"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 30667

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 40ms
37ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=7254408&t=2

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:21 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid: 2ef1de16-8e0e-4e92-bedc-a7e8276b9814
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ 334 KB
130 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://felixassurance.com
Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 13:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22711
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133125
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:45:50 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 20ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 14 Apr 2021 20:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: 2Q+m8rF8CIRsFBq8APY+2ULvs03Dy4q5y6Uej5jx4dkg8U6wojO1axgdJ/Ph93hpzZqdafHLg1Y=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 2GY60W69T2Z7VK0X
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1

200
OK

/ Show response
u.logbor.com/p/
Redirect Chain

http://u.logbor.com/p/?i=3169&n=__dot
https://u.logbor.com/p/?i=3169&n=__dot

6 KB
3 KB

376ms
298ms

Script
text/javascript

89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/p/?i=3169&n=__dot

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx/1.14.0 /

Resource Hash

14a40a386e5abdb757229af157d365bf414f1f01c786173a88dc1e7c572dfa06

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
ETag: W/"181e-oOzVZu7trBwl0bM7v2yYLeF4qLk"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://u.logbor.com/p/?i=3169&n=__dot
Date: Wed, 14 Apr 2021 20:04:21 GMT
Server: nginx/1.14.0
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
H2 200 hotjar-1480956.js Show response
static.hotjar.com/c/ 3 KB
2 KB 171ms
82ms Script
application/javascript 99.84.156.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1480956.js?sv=6

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.156.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-156-104.txl52.r.cloudfront.net

Software

Resource Hash

b860833a70ba647b6830bd7247a63ef8d567e032bf638ac8e315d516a1007aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: TXL52-C1
etag: W/0fb21808d16e10ea554e18c9fe5acd59
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1533
via: 1.1 d91c21a06968968452d701ff77f35a70.cloudfront.net (CloudFront)
x-amz-cf-id: JmZHHrvDkFLE30bNlVxgN_Jzhi54qg6Pcft6PBzRWrjw5amvvW4qvQ==

GET
H2 200 02eyolxdkz Show response
secureanalytic.com/scripts/push/script/ 7 KB
3 KB 435ms
406ms Script
application/javascript 2606:4700:e6::ac40:c71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secureanalytic.com/scripts/push/script/02eyolxdkz?url=felixassurance.com

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86a3c4d07a47a862114b624164bfbd348ccec3391f73b40be5e1df567e36a67d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0973952acc00004dd64e2df000000001
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uqhs5ts0zgma1vT6cccpzBSj70W2ZioqyY61qSakrEgtk1QUGyH%2ByTMsLhIFV3drm%2FU9r5RFC1AmfOYFyxeKyE3CeDyF%2Bh5BvZGgtmrdOYVc9H9VZ30PTjdTuX18SdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 63ff8af14da04dd6-FRA
expires: 0

GET
H/1.1 200
OK icon-dog.svg
felixassurance.com/images/ 2 KB
2 KB 58ms
46ms Image
image/svg+xml 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/icon-dog.svg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/css/form1c9b.css
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 4cf9a0e8ba3dc84b6873b5cd4d62ae95f29f6cbed2dd1c2043c418dcf6e1c080

Request headers

Referer: http://felixassurance.com/css/form1c9b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 24 Oct 2018 08:55:13 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "6d1-578f5a4eefe40"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 1745

GET
H/1.1 200
OK icon-cat.svg
felixassurance.com/images/ 2 KB
2 KB 62ms
51ms Image
image/svg+xml 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/icon-cat.svg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/css/form1c9b.css
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 5ccda1a65fe518c355d1311838607d427070821dbab7b3cd5856b2fa232ecbcf

Request headers

Referer: http://felixassurance.com/css/form1c9b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 24 Oct 2018 08:55:25 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "8bf-578f5a5a61940"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 2239

GET
H/1.1 200
OK icon-nac.svg
felixassurance.com/images/ 2 KB
2 KB 80ms
46ms Image
image/svg+xml 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/icon-nac.svg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/css/form1c9b.css
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: aa7adb48a6f393a67910ae1192f019b1b285e6625b479adb2eb11956c3155ab6

Request headers

Referer: http://felixassurance.com/css/form1c9b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Wed, 24 Oct 2018 08:55:35 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "84a-578f5a63eafc0"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 2122

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3080313b4ebe824ee784f46a3387cd7a9108dc74a849d5cd574c47790977e229

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK arrow-right.svg
felixassurance.com/images/icons/ 610 B
913 B 55ms
46ms Image
image/svg+xml 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/icons/arrow-right.svg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/css/style5152.css
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: bcef1950559e5daf73c6ab492a3a7fd1c4cc43690e6cf53e338d8fd78a34d072

Request headers

Referer: http://felixassurance.com/css/style5152.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Sat, 12 Nov 2016 13:12:26 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "262-5411a5ba44280"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 610

GET
H/1.1 200
OK puce.jpg
felixassurance.com/images/ 2 KB
3 KB 76ms
46ms Image
image/jpeg 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://felixassurance.com/images/puce.jpg
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/css/default.css
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 263dabec732b7756a1fc48384a355df0811c07396ac9f41395547ebef18d8c6e

Request headers

Referer: http://felixassurance.com/css/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Thu, 10 Nov 2016 15:45:41 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "965-540f444061340"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 2405

GET
H/1.1 200
OK fontawesome-webfont3295.html
felixassurance.com/css/fonts/ 55 KB
56 KB 64ms
52ms Font
text/html 52.28.142.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://felixassurance.com/css/fonts/fontawesome-webfont3295.html?v=4.5.0
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/css/fonts/font-awesome.min5152.css
Protocol: HTTP/1.1
Server: 52.28.142.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-142-34.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 473842579288c04e865ecfa63ae67a45d6e9a0871c9cf2aea4db32637cf7bbb8

Request headers

Origin: http://felixassurance.com
Referer: http://felixassurance.com/css/fonts/font-awesome.min5152.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Last-Modified: Fri, 11 Nov 2016 11:42:37 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "ddcc-54104fc974540"
Upgrade: h2,h2c
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 56780

GET
H/1.1 200
OK Cookie set aff.php Show response
www.trck20.fr/tr/ Frame 028E 507 B
959 B 1431ms
1334ms Document
text/html 52.28.144.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trck20.fr/tr/aff.php?identifiant=Y2FtcGFnbmU9YWNjZXMtZGlyZWN0X0ZlbGl4IGFzc3VyYW5jZV9WaXN1ZWw=
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.144.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-144-62.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 2c53599b0267e595abfa36bd184de2e70bb383fedc134e7269770b060dd930cf

Request headers

Host: www.trck20.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://felixassurance.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://felixassurance.com/

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With
Set-Cookie: identifiant=Y2FtcGFnbmU9YWNjZXMtZGlyZWN0X0ZlbGl4IGFzc3VyYW5jZV9WaXN1ZWw%3D; expires=Thu, 15-Apr-2021 06:04:21 GMT; Max-Age=36000
Content-Length: 507
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK cookiemsg.php Show response
www.weedoit.fr/cookieCNIL/ 472 B
637 B 213ms
64ms XHR
text/html 52.209.237.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weedoit.fr/cookieCNIL/cookiemsg.php
Requested by: Host: oui-assure.net
URL: https://oui-assure.net/js/jquery-1.8.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.237.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-237-98.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: fcff5612d0ff269ef5f8790986cdfc5a90401a44b3cb5573671de9cc7891ec6a

Request headers

Accept: text/html, */*; q=0.01
Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with
Content-Length: 317

GET
H2 200 10078085.json Show response
s.yimg.com/wi/config/ 2 B
493 B 122ms
107ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10078085.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: Q0FHV12J0N0QF7F9
x-amz-id-2: iGHIVSugXKtxWNox8fn8mPbi3jXfbx2JOsud4hLPsgQrFouh5pEXjpjH72+Y2KD3xKyiWnht2IY=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E9E0 19 KB
10 KB 74ms
60ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw&co=aHR0cDovL2ZlbGl4YXNzdXJhbmNlLmNvbTo4MA..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=9a5c6rz2wemz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32a6479f197dda38bf71bc2e2c7209d30aa7598d374ad8ec9a843039aac644c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FTI2c4CVjBkhmbvB1S4J2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw&co=aHR0cDovL2ZlbGl4YXNzdXJhbmNlLmNvbTo4MA..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=9a5c6rz2wemz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://felixassurance.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://felixassurance.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Apr 2021 20:04:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-FTI2c4CVjBkhmbvB1S4J2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10199
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135913608-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4267
date: Wed, 14 Apr 2021 18:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 14 Apr 2021 20:53:14 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
388 B 48ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1565018237&t=pageview&_s=1&dl=http%3A%2F%2Ffelixassurance.com%2F&ul=en-us&de=UTF-8&dt=F%C3%A9lix%20Assurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=246574516&gjid=2072570960&cid=1714825867.1618430661&tid=UA-135913608-1&_gid=94268129.1618430661&_r=1&gtm=2ou3v0&z=172665458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://felixassurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.5e37784fe3302c2578d8.js Show response
script.hotjar.com/ 218 KB
58 KB 124ms
47ms Script
application/javascript 99.84.156.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5e37784fe3302c2578d8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1480956.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.156.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-156-4.txl52.r.cloudfront.net

Software

Resource Hash

be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95594
x-cache: Hit from cloudfront
content-length: 58942
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 17:30:39 GMT
etag: "f06a24b93b2f2e5b46ec94292a2d8286"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: mYYBALmULeuBbcfOymUaC5oN-k23f4qIRqPLuEuLzJ-W_pjnjpSqUw==

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame E9E0 50 KB
25 KB 35ms
21ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw&co=aHR0cDovL2ZlbGl4YXNzdXJhbmNlLmNvbTo4MA..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=9a5c6rz2wemz

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
age: 1853
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25497
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:33:28 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame E9E0 334 KB
130 KB 36ms
23ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 13:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22711
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133125
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 13:45:50 GMT

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 0600 1 KB
1 KB 121ms
43ms Document
text/html 99.84.156.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1480956.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-56.txl52.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://felixassurance.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://felixassurance.com/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 81db6db0bc548ca5046f3395364a3667.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: mFoZ7F2XJ9mEESaeVW1ZDeX14tq8tX6Qt3KsxUXfMhSYC_eVLJegAg==
age: 1310029

GET
H3-Q050 200 1WCIDWTNbCKChqewkQcA8N0ytqV1gIFiu2YL9uG6ltk.js Show response
www.google.com/js/bg/ Frame E9E0 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/1WCIDWTNbCKChqewkQcA8N0ytqV1gIFiu2YL9uG6ltk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d560880d64cd6c228286a7b0910700f0dd32b6a575808162bb660bf6e1ba96d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw&co=aHR0cDovL2ZlbGl4YXNzdXJhbmNlLmNvbTo4MA..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=9a5c6rz2wemz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:00:00 GMT
server: sffe
age: 2743
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:18:38 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E9E0 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 16:01:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 100954
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 20 Apr 2021 16:01:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9E0 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 295243
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9E0 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 22:43:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 508876
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 08 Apr 2022 22:43:05 GMT

GET
H2 200 themes.css
d390gshugb75wr.cloudfront.net/css/ 2 KB
3 KB 29ms
28ms Stylesheet
text/css 2600:9000:20e8:de00:15:22d9:2ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d390gshugb75wr.cloudfront.net/css/themes.css
Requested by: Host: oui-assure.net
URL: https://oui-assure.net/js/jquery-1.8.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:de00:15:22d9:2ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c20c6fa6fa3999a886979c4bcc438755dbcc50e9831b274b2dd3f1ad9a16c34

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:01:32 GMT
via: 1.1 41232b1248b5064ae14550b383a46695.cloudfront.net (CloudFront)
last-modified: Tue, 05 Jun 2018 12:19:11 GMT
server: AmazonS3
age: 170
etag: "fe27f15f15fe688e0ebb0dfd0370ac2f"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 2450
x-amz-cf-id: kh-cBcHIx26sOBe294jUs13BZ6BY8TaX2vQUwtDR27BW80NjyOVUgg==

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame E9E0 102 B
239 B 15ms
14ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7d4fc4eb08918e0900462776d50c210770c83c9305934f7f85caf9035338eb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6fqsZAAAAANp7GtvA7wZtbuPjxf0vzEPCwpCw&co=aHR0cDovL2ZlbGl4YXNzdXJhbmNlLmNvbTo4MA..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=9a5c6rz2wemz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 14 Apr 2021 20:04:21 GMT

GET
H2 200 cookiepol-close.png
d390gshugb75wr.cloudfront.net/images/ 1 KB
2 KB 40ms
40ms Image
image/png 2600:9000:20e8:de00:15:22d9:2ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d390gshugb75wr.cloudfront.net/images/cookiepol-close.png
Requested by: Host: d390gshugb75wr.cloudfront.net
URL: https://d390gshugb75wr.cloudfront.net/css/themes.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:de00:15:22d9:2ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 203362ea00385031d1b26253b3fbe73a28833e4d215521601fbaa2edbe5a6c0f

Request headers

Referer: https://d390gshugb75wr.cloudfront.net/css/themes.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:01:51 GMT
via: 1.1 41232b1248b5064ae14550b383a46695.cloudfront.net (CloudFront)
last-modified: Tue, 05 Jun 2018 09:02:40 GMT
server: AmazonS3
age: 151
etag: "ef0b62c9d5b4bd133dc4d1440ff54aab"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 1296
x-amz-cf-id: pb_fEJFxT2_NYyO5pWJgp2jQsFdr46Z3w-NtC0Qrkf6chgYJ2SHCXA==

OPTIONS
H2 200 4og3z88e3w
event.smpush.com/register/event_log/ Frame 0
0 633ms
388ms Preflight 2606:4700:3035::6815:4cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.smpush.com/register/event_log/4og3z88e3w
Protocol: H2
Server: 2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://felixassurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Apr 2021 20:04:22 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://felixassurance.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
cf-request-id: 0973952daa00002b7d822e1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qzSaW8%2BFo5E4RW4cvuf1ZbpFYJDxlJapuqF7GP%2FdZbzpX0BG%2FVkG%2Fk1SUmpSM9HbcQ6J7titUmCbdwR23beBTcwYNSjsGfylT4JreN9NoMzx81sT8NlEjnpvBPM1"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63ff8af5de392b7d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 4og3z88e3w
event.smpush.com/register/event_log/ 0
0 104ms
104ms Fetch 2606:4700:3035::6815:4cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.smpush.com/register/event_log/4og3z88e3w

Requested by

Host: secureanalytic.com
URL: https://secureanalytic.com/scripts/push/script/02eyolxdkz?url=felixassurance.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 14 Apr 2021 20:04:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AggW5I0IoPmlW2Wnk1tntYKZ318Q1%2FqCkEMwBmiw5o2rC9NGEJKDRZ0FmyDbrBmQtx%2FOg4i5JoXdZo5BbRKmHKnRXkxIY%2BJjvuu6wGpd8rg5ZGJbcs09AHKoFmE8"}]}
access-control-allow-origin: http://felixassurance.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-request-id: 0973952f2c00002b7d82307000000001
access-control-allow-credentials: true
cf-ray: 63ff8af84c422b7d-FRA
x-pushplatformapp-params

GET
H/1.1

200
OK

tcs Show response
u.logbor.com/
Redirect Chain

http://u.logbor.com/tcs?cxid=3169&cu=http%3A%2F%2Ffelixassurance.com%2F&d_categoryID=15053&d_productID=15053&d_cartProductsID=15053&d_cartAmount=15053&d_orderID=15053
https://u.logbor.com/tcs?cxid=3169&cu=http%3A%2F%2Ffelixassurance.com%2F&d_categoryID=15053&d_productID=15053&d_cartProductsID=15053&d_cartAmount=15053&d_orderID=15053

4 KB
1 KB

41ms
41ms

Script
text/javascript

89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/tcs?cxid=3169&cu=http%3A%2F%2Ffelixassurance.com%2F&d_categoryID=15053&d_productID=15053&d_cartProductsID=15053&d_cartAmount=15053&d_orderID=15053

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx/1.14.0 /

Resource Hash

d940e4c7472e97d98c80936af502d96cb8dd9b26da8e841221db73e1aebc383d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
ETag: W/"e16-D1JDmSFMPwHQ/9x6Ep3wiolWvSo"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://u.logbor.com/tcs?cxid=3169&cu=http%3A%2F%2Ffelixassurance.com%2F&d_categoryID=15053&d_productID=15053&d_cartProductsID=15053&d_cartAmount=15053&d_orderID=15053
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK mt.js Show response
asset.easydmp.net/mt/squadata/ Frame 028E 1 KB
1 KB 155ms
48ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/mt/squadata/mt.js?t=224782

Requested by

Host: www.trck20.fr
URL: https://www.trck20.fr/tr/aff.php?identifiant=Y2FtcGFnbmU9YWNjZXMtZGlyZWN0X0ZlbGl4IGFzc3VyYW5jZV9WaXN1ZWw=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d4225d93450a787911838ab1eba4905d767f559b8bd904c15e51be0ad9d9a63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.trck20.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 09:14:58 GMT
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC6_51A3C22:2F9D3
ETag: "6076b292-28f"
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 655

GET
H/1.1 200
OK 1708b1830ad04b63767 Show response
sync.bidpro.io/tracing/ 4 KB
5 KB 56ms
55ms Script
application/javascript 195.181.167.173
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bidpro.io/tracing/1708b1830ad04b63767?fingerprint=d845e1aa8d35cfadaf8e6e0a0d1b4474&fpResponse=1
Requested by: Host: sync.bidpro.io
URL: https://sync.bidpro.io/tracing/1708b1830ad04b63767
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.181.167.173 Madrid, Spain, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-195-181-167-173.datapacket.com
Software: nginx /
Resource Hash: 7fa6ad650096d37f3580c59bf985362f2c85ed0f6590a9950ee4469e536961cc

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:06:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 4321
Content-Type: application/javascript

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
17 KB 53ms
39ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: sync.bidpro.io
URL: https://sync.bidpro.io/tracing/1708b1830ad04b63767?fingerprint=d845e1aa8d35cfadaf8e6e0a0d1b4474&fpResponse=1

Protocol

HTTP/1.1

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

89a2a982db2be532502d26ea6c2e9a1780629d8fa6313d6cd6218f0d1013b2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2070225942170567526
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 16595
X-XSS-Protection: 0
Expires: Wed, 14 Apr 2021 20:04:23 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=smartadserver
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&gdpr=&gdpr_consent=

43 B
684 B

103ms
33ms

Image
image/gif

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&gdpr=&gdpr_consent=
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:22 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&gdpr=&gdpr_consent=
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pulsepoint
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pulsepoint
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=eafe3084-7d24-4f30-b933-9d596b4c5a3e

49 B
717 B

307ms
103ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=eafe3084-7d24-4f30-b933-9d596b4c5a3e

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-mmh4r
expires: -1

Redirect headers

location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=eafe3084-7d24-4f30-b933-9d596b4c5a3e
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

google_sync_status
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=google
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=6v4whH0kTzC5M51Za0xaPg==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEBFpHjT-m0Rg1S19OArcR-I&google_cver=1

43 B
145 B

32ms
32ms

Image
image/gif

3.120.242.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEBFpHjT-m0Rg1S19OArcR-I&google_cver=1
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.242.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-242-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEBFpHjT-m0Rg1S19OArcR-I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eafe3084-7d24-4f30-b933-9d596b4c5a3e

0
229 B

86ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eafe3084-7d24-4f30-b933-9d596b4c5a3e
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Wed, 14 Apr 2021 20:04:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 15075

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eafe3084-7d24-4f30-b933-9d596b4c5a3e
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=triplelift
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

37 B
351 B

32ms
32ms

Image
image/gif

18.184.39.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.39.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-39-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2409&xuid=eafe3084-7d24-4f30-b933-9d596b4c5a3e&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=appnexus
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=appnexus
https://ib.adnxs.com/setuid?entity=388&code=eafe3084-7d24-4f30-b933-9d596b4c5a3e

43 B
1 KB

92ms
30ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=388&code=eafe3084-7d24-4f30-b933-9d596b4c5a3e

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:23 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid: 5717e2a1-659c-4c80-be5c-c40c9daf5f9c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: //ib.adnxs.com/setuid?entity=388&code=eafe3084-7d24-4f30-b933-9d596b4c5a3e
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

user
ads3.admatic.com.tr/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&user_group=1&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&user_group=1&expires=30
https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=d4efa60e-1646-4c2a-a351-39857698c4ee&dsp_uuid=&dsp_id=
https://ads3.admatic.com.tr/user?bsw_uuid=d4efa60e-1646-4c2a-a351-39857698c4ee&dsp_uuid=&dsp_id=

35 B
87 B

57ms
55ms

Image
image/gif

188.132.147.228
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.admatic.com.tr/user?bsw_uuid=d4efa60e-1646-4c2a-a351-39857698c4ee&dsp_uuid=&dsp_id=
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.132.147.228 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS: static-228-147-132-188.sadecehosting.net
Software: AdMatic / AdMatic
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:21 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server: AdMatic
timing-allow-origin: *
x-powered-by: AdMatic
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:21 GMT
timing-allow-origin: *
location: https://ads3.admatic.com.tr/user?bsw_uuid=d4efa60e-1646-4c2a-a351-39857698c4ee&dsp_uuid=&dsp_id=
x-powered-by: AdMatic
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://felixassurance.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 221
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pubmatic
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

131ms
32ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
X-lat: lhrpug008:0:409
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=admixer
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&consent=&gdpr_pd=

43 B
448 B

61ms
19ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&consent=&gdpr_pd=

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&consent=&gdpr_pd=
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=rubicon
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=rubicon
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=d4efa60e-1646-4c2a-a351-39857698c4ee&expires=30

42 B
786 B

76ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=d4efa60e-1646-4c2a-a351-39857698c4ee&expires=30
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=d4efa60e-1646-4c2a-a351-39857698c4ee&expires=30
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

RX-ecefb127-f501-4a53-8ec4-aa4945f7c92d-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=adconductor
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=adconductor
https://sync.1rx.io/usersync/bidswitch/d4efa60e-1646-4c2a-a351-39857698c4ee?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/d4efa60e-1646-4c2a-a351-39857698c4ee?zcc=1&dspret=0&cb=1618430666346
https://sync.targeting.unrulymedia.com/csync/RX-ecefb127-f501-4a53-8ec4-aa4945f7c92d-003

43 B
452 B

144ms
37ms

Image
image/gif

213.19.147.151
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-ecefb127-f501-4a53-8ec4-aa4945f7c92d-003
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.147.151 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:26 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:26 GMT
Server: Tengine
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-ecefb127-f501-4a53-8ec4-aa4945f7c92d-003
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=gumgum2
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=gumgum2
https://rtb.gumgum.com/usersync?b=bsw&i=d4efa60e-1646-4c2a-a351-39857698c4ee

35 B
238 B

126ms
43ms

Image
image/gif

54.246.18.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=d4efa60e-1646-4c2a-a351-39857698c4ee
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:23 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=d4efa60e-1646-4c2a-a351-39857698c4ee
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=outbrain
https://x.bidswitch.net/ul_cb/sync?dsp_id=395&user_id=d845e1aa8d35cfadaf8e6e0a0d1b4474&expires=30&ssp=outbrain
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
472 B

420ms
107ms

Image
text/plain

64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Cache-Control: no-cache
X-TraceId: 8d8bf63e813623d35a18a94814bc5d23
Content-Length: 0

Redirect headers

location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=d4efa60e-1646-4c2a-a351-39857698c4ee&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Wed, 14 Apr 2021 20:04:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK client.js Show response
asset.easydmp.net/js/ Frame 028E 9 KB
4 KB 33ms
33ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/js/client.js?t=224782

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/mt/squadata/mt.js?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2522fed30cc3939843055db41498c0ddaf3f6842204d42ef8f0af70d6d190a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.trck20.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 09:14:58 GMT
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C26:2F9D3
ETag: "6076b292-e8e"
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 3726

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/764688317/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/764688317/?random=1618430663081&cv=9&fst=1618430663081&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Ffelixassurance.com%2F&tiba=F%C3%A9lix%20Assurance&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8085042766681c37c23ebf2412daedc3a815945029b5da1bb01a416adbba9c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 988
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/764688317/ 42 B
292 B 31ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/764688317/?random=1618430663081&cv=9&fst=1618430400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Ffelixassurance.com%2F&tiba=F%C3%A9lix%20Assurance&fmt=3&is_vtc=1&random=1456895141&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/764688317/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/764688317/?random=1618430663081&cv=9&fst=1618430400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Ffelixassurance.com%2F&tiba=F%C3%A9lix%20Assurance&fmt=3&is_vtc=1&random=1456895141&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:04:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK client_iframe.html Show response
asset.easydmp.net/ Frame 2BA6 26 KB
9 KB 35ms
35ms Document
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/client_iframe.html?t=224782

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/js/client.js?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

777642c1bf424ec550b2aafe40fd15a62ca0eee3f76d23e087171bb359a3d802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: asset.easydmp.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.trck20.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.trck20.fr/

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 14 Apr 2021 09:14:58 GMT
Transfer-Encoding: chunked
ETag: W/"6076b292-63c6"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C28:2F9D3
X-IPLB-Instance: 25257

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 2BA6 0
416 B 33ms
33ms XHR
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: only-if-cached
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C2B:2F9D3
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 2BA6 109 B
569 B 40ms
39ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

064d99c9e1f93f28761819d3ce1bf490ab7d22e6c9176ed476646d4f314e76e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C30:2F9D3
X-UID: 161843066324895216
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 2BA6 84 B
530 B 75ms
74ms XHR
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

8c52a38e423b9eed2db1b79cfc02189878b88867f10315b47fe54922827f4396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slpRm9mKP54sudk2qDqpj8JEvEBcptM6XBgCqZAlN;
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Warning: set

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C34:2F9D3
Etag: W/"6dd681c03e9e0793c11787d26d4752c6"
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 2BA6 1 KB
1 KB 40ms
40ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

409fc0b948707c34c2f6715eabc519fecf8fc282a63731c4cc402ecb63d197a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C36:2F9D3
X-UID: 161843066324895216
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1

200
OK

getuid&callback=sqdComActOnGetTcId&firsttime=1 Show response
sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ Frame 2BA6
Redirect Chain

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1

126 B
811 B

30ms
29ms

Script
text/javascript

95.131.143.205
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.131.143.205 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

Software

web /

Resource Hash

6e8f5c39c618a79e61134e9e9492d89cef89eb0e652f99713fc318bbb8daa3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: private
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: web
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8', true
Keep-Alive: timeout=60
Expires: Tue, 13 Jul 21 22:04:23 +0200

Redirect headers

Pragma: private
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
location: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1
Cache-Control: private, max-age=486000, pre-check=486000
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: text/html
Keep-Alive: timeout=60
Content-Length: 20
Expires: Tue, 13 Jul 21 22:04:23 +0200

GET
H2 200 tag.min.js Show response
cdn.kdata.fr/squadata/ Frame 2BA6 4 KB
2 KB 85ms
27ms Script
application/javascript 46.105.203.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.kdata.fr/squadata/tag.min.js

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.105.203.81 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

07a6bdc7007d0b30cc6924d875aa5c2728b7d1e05d86a5d6063cd8420484fc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 13:26:32 GMT
content-encoding: br
last-modified: Tue, 18 Sep 2018 15:31:08 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: W/"5ba11a3c-11f2"
x-cacheable: Matched cache
strict-transport-security: max-age=15768000
content-type: application/javascript
cache-control: max-age=86400
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 1913
x-request-id: 633209772
expires: Thu, 15 Apr 2021 13:26:32 GMT

GET
H/1.1

200
OK

161843066324895216&firsttime=1
sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ Frame 2BA6
Redirect Chain

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/161843066324895216
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/161843066324895216&firsttime=1

95 B
752 B

37ms
36ms

Image
image/png

95.131.143.205
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/161843066324895216&firsttime=1

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.131.143.205 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

Software

web /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: private
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: web
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/png
Keep-Alive: timeout=60
Expires: Tue, 13 Jul 21 22:04:23 +0200

Redirect headers

Pragma: private
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
location: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/161843066324895216&firsttime=1
Cache-Control: private, max-age=486000, pre-check=486000
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: text/html
Keep-Alive: timeout=60
Content-Length: 20
Expires: Tue, 13 Jul 21 22:04:23 +0200

GET
H/1.1

200
OK

collect_v2.img.php
asset.easydmp.net/ Frame 84B6
Redirect Chain

https://p.crm4d.com/sync/ematch/getuid?uid=161843066324895216&redirect=https://asset.easydmp.net/collect_v2.img.php?dmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D$C4D_UID
https://p.crm4d.com/sync/ematch/getuid?uid=161843066324895216&redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D%24C4D_UID&bounce=1
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=STkhHNEVCcYhkvrP9oCrb9YNdKJUv1VZCdJM-8tDZ_M

43 B
747 B

37ms
36ms

Image
image/gif

145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=STkhHNEVCcYhkvrP9oCrb9YNdKJUv1VZCdJM-8tDZ_M

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C45:2F9D3
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-store, no-cache
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=STkhHNEVCcYhkvrP9oCrb9YNdKJUv1VZCdJM-8tDZ_M
Date: Wed, 14 Apr 2021 20:04:23 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1 200
OK get Show response
sq.otooxo.com/tmpPds/ Frame 2BA6 28 B
415 B 169ms
33ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sq.otooxo.com/tmpPds/get?callback=callback153152548

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

ba87ca5eeeb1ca98b1a0bb5c0e2297f8c9cd1614239d434c773b54890e7403ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:176A_91EFC135:01BB_60774AC7_518CF44:24DC1
Date: Wed, 14 Apr 2021 20:04:23 GMT
X-IPLB-Instance: 25144
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK client.js Show response
asset.easydmp.net/js/ Frame 2BA6 9 KB
4 KB 37ms
36ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/js/client.js?t=224782

Requested by

Host: cdn.kdata.fr
URL: https://cdn.kdata.fr/squadata/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2522fed30cc3939843055db41498c0ddaf3f6842204d42ef8f0af70d6d190a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 09:14:58 GMT
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C3C:2F9D3
ETag: "6076b292-e8e"
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 3726

POST
H/1.1 200
OK tag Show response
tracking.kdata.fr/ Frame 2BA6 574 B
1 KB 113ms
30ms XHR
text/plain 164.132.142.74
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.kdata.fr/tag

Requested by

Host: cdn.kdata.fr
URL: https://cdn.kdata.fr/squadata/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

164.132.142.74 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a37fc55c5338f6bb99e1103d0a22ed5e7ac4ca7de778632c593b601de9e44dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Methods: *
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://asset.easydmp.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 574

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 2BA6 390 B
906 B 38ms
38ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

26a465a7a57006be3f571548c51bc0ac6132c3521ee4cc7236222891059a38a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C49:2F9D3
X-UID: 161843066324895216
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK client_iframe.html Show response
asset.easydmp.net/ Frame 3A29 26 KB
9 KB 71ms
35ms Document
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/client_iframe.html?t=224782

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/js/client.js?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

777642c1bf424ec550b2aafe40fd15a62ca0eee3f76d23e087171bb359a3d802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: asset.easydmp.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ecdstpds1=000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slpRm9mKP54sudk2qDqpj8JEvEBcptM6XBgCqZAlN%3B; capping=eyJlbWRtcGVhc3k6ZWFzeWRtcHN5bmN1aWQiOiIxNjE4NDMwNjYzIiwiZW1kbXBlYXN5OmdyYXBoaW5pdW1fc3luYyI6IjE2MTg0MzA2NjMiLCJlbWRtcGVhc3k6a2RhdGEiOiIxNjE4NDMwNjYzIn0%3D; easyCap=%7B%22d%22%3A%7B%22DTPR%22%3A%7B%22sq.otooxo.com%22%3A1618430663428%7D%7D%7D; livraison=000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slpRm9mKP54sudk2qDqpj8JEvEBcplBZgVvWQd2cK5fOJ4eaTD3BiyQtnkg9g8siOYomOizNxdJUwN7HQiwt0d4jg8uKq4DBR41Fz4WFS4QzV54r3LogQ87WIjOdXzQqPchQXiPRmFWIPFUyVcGPkY8oUYfVNT04tkhVn884ycRW14QEA9U0fGQ%3D%3D%3B
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://asset.easydmp.net/client_iframe.html?t=224782

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 14 Apr 2021 09:14:58 GMT
Transfer-Encoding: chunked
ETag: W/"6076b292-63c6"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C4C:2F9D3
X-IPLB-Instance: 25257

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 2BA6 43 B
776 B 38ms
37ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=403&code=25d05379-8848-4a47-9767-bfb931c42d75

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:23 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: 00c336df-0087-47c6-a491-c8900514b57e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
tracking.kdata.fr/ Frame 2BA6
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Ftracking.kdata.fr%2Fsync%3Feditor%3Dappnexus%26id_sync%3D$UID%26customer%3Dcapitaldata_crm
https://tracking.kdata.fr/sync?editor=appnexus&id_sync=5152528317662335851&customer=capitaldata_crm

35 B
404 B

30ms
30ms

Image
image/gif

164.132.142.74
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.kdata.fr/sync?editor=appnexus&id_sync=5152528317662335851&customer=capitaldata_crm

Requested by

Host: felixassurance.com
URL: http://felixassurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

164.132.142.74 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 35

Redirect headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:23 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.244:80
AN-X-Request-Uuid: b0bd7910-ea93-48d2-a0dd-f20c0bc56989
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://tracking.kdata.fr/sync?editor=appnexus&id_sync=5152528317662335851&customer=capitaldata_crm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 2BA6 360 B
753 B 67ms
33ms XHR
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

8388fe55f0ff97927e80164c0e11936b04b3d98d9a67bc6e3265abb6081e3ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwFwVtPglAAAGA4cIJEj5AnwZjjJS9bW72wZW+YchlHN6DRkcu0dKxprUhdtln99r4vihxcXYsK+jo871o65wsLlO3s5TH6YyZGqeJPXeY6nuGCGE1yCRnBPf9OgREA7zXls/ncHNrarTm4noeuNav4lW/R7Fa74yq4PI1vKgtSzprTQbKodzY0HapyQuCZECuF5rAIrDGcvqyKbVs9IRvTHq/gXRv1G5ZXusw2DuGvZrPso8ZeRFZdcCgzSv1mLbxSMBtwbwptFcdlT9HDCSPm2V7+2NN+0AJPI/BD5bxxCM4JJLwDnRq0Hgyc+K4k4X1tSsg/qWs0jg==;
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Warning: set

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C4D:2F9D3
Etag: W/"6fb48e148e15f92b4b75b2d3780b1cb1"
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 3A29 479 B
865 B 38ms
38ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a2a301daba60d3c904e76fb14d085ba6398e3be8df9f0db9d90dd311b4af125c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C52:2F9D3
X-UID: 161843066324895216
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 2BA6 452 B
823 B 34ms
33ms XHR
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

3c07de48fdad929db2e9c73858edcdb610720bbd13991e74ee84a3544d28da3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwFwVtPgmAAAFD4FCG5CIiKotGDt62teqBlLyUq4EQn4PDzTunUaS5NWbZ5+e2d4zi6QK0Ijvk9fh6SUqCBe8zwoE1PzhVpyruE8COxgVxdNoDLNEckI1uV4DcEsgXqX4PgcDJRVE18UUoPE9so98KN8B+h5Kl8jQLZG/cx7Jm7XrxV6nuR3BoO1ATbNzEed7m5qKMMWAlYazmb7zOJkLlWtNoMe80wxWi5vjOQvWtjF1FD0a6IppxyBNchUh004rR9zwmoFdhwMDk/TQucZDcRYjT02a0Pi1YSfFTBGbKj6NGKmZgZ1DGdxsodWeg3DJIUfDotjN80I0VmlSXfi5mAJsZ7fbb1fKxyu+DBuUXaV8lz0W4t1HbUCFTdqPh0Z3VgcczxKXwTI9vLy+Ig0UgL7TPPaarwnvoHHtJF4Q==;
Referer: https://asset.easydmp.net/client_iframe.html?t=224782
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Warning: set

Response headers

Date: Wed, 14 Apr 2021 20:04:23 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1722_91EFC135:01BB_60774AC7_51A3C5B:2F9D3
Etag: W/"dab3b4aa0b4faca871b53adcc8951f07"
X-IPLB-Instance: 25257
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK get Show response
sqdt.futurasciences.fr/tmpPds/ Frame 3A29 28 B
414 B 136ms
33ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sqdt.futurasciences.fr/tmpPds/get?callback=callback743932671

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

c65d9678dbd6fec41565da4855224033a06adb209b77f64c0db07a0766eb77ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:177A_91EFC135:01BB_60774AC7_5195D13:0833
Date: Wed, 14 Apr 2021 20:04:23 GMT
X-IPLB-Instance: 25143
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK get Show response
rtg-sq.hopmailing.com/tmpPds/ Frame 2BA6 28 B
414 B 178ms
34ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://rtg-sq.hopmailing.com/tmpPds/get?callback=callback288058692

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224782

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

670b7d18933ea49815f264ff6c4af543e26b6e3117382d846dc42ff80aa217bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 2578D564:1782_91EFC135:01BB_60774AC8_A24CFDF:1FCE
Date: Wed, 14 Apr 2021 20:04:24 GMT
X-IPLB-Instance: 36821
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
me.hunkal.com/p/ 9 KB
4 KB 131ms
66ms Script
text/javascript 89.185.38.83
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://me.hunkal.com/p/
Requested by: Host: felixassurance.com
URL: http://felixassurance.com/
Protocol: HTTP/1.1
Server: 89.185.38.83 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx/1.6.0 / Express
Resource Hash: 882ffdb85bdff21d5ac007ae2275b2bc2ae9c8dc7ab8d4e3cf38b5f2d9de26d9

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:26 GMT
Content-Encoding: gzip
ETag: W/"2455-hA18UQAJoEKQTW0Lh36O/mf8zRA"
Server: nginx/1.6.0
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK t Show response
me.hunkal.com/ 682 B
1 KB 40ms
40ms Script
text/javascript 89.185.38.83
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://me.hunkal.com/t?cxid=2510&cu=http%3A%2F%2Ffelixassurance.com%2F
Requested by: Host: u.logbor.com
URL: http://u.logbor.com/p/?i=3169&n=__dot
Protocol: HTTP/1.1
Server: 89.185.38.83 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx/1.6.0 / Express
Resource Hash: 5488620f2b35d09c41185675466d26aad886b2ff96bf4118aeb7d4b506e2435e

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:26 GMT
ETag: W/"2aa-HLTV/VL7P3PgvjEsuCv89y2ACBo"
Server: nginx/1.6.0
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 682

GET
H/1.1 200
OK it Show response
me.hunkal.com/ 0
326 B 46ms
46ms Script
text/javascript 89.185.38.83
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://me.hunkal.com/it?cx=2510&u=0
Requested by: Host: me.hunkal.com
URL: http://me.hunkal.com/p/
Protocol: HTTP/1.1
Server: 89.185.38.83 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx/1.6.0 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://felixassurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:04:26 GMT
Transfer-Encoding: chunked
Server: nginx/1.6.0
Connection: keep-alive
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.felixassurance.com/	1970-01-20 02:19:26	Name: _hjid Value: 445109a9-43ee-4b2a-9916-b0a7a914c498
.felixassurance.com/	1970-01-19 17:33:52	Name: _hjFirstSeen Value: 1
.easydmp.net/	1970-01-19 18:17:02	Name: easyCap Value: %7B%22d%22%3A%7B%22DTPR%22%3A%7B%22sq.otooxo.com%22%3A1618430663428%2C%22sqdt.futurasciences.fr%22%3A1618430663811%2C%22rtg-sq.hopmailing.com%22%3A1618430663957%7D%7D%7D
.felixassurance.com/	1970-01-19 17:33:50	Name: _gat_gtag_UA_135913608_1 Value: 1
.easydmp.net/	1970-01-20 02:18:07	Name: capping Value: eyJlbWRtcGVhc3k6ZWFzeWRtcHN5bmN1aWQiOiIxNjE4NDMwNjYzIiwiZW1kbXBlYXN5OmdyYXBoaW5pdW1fc3luYyI6IjE2MTg0MzA2NjMiLCJlbWRtcGVhc3k6a2RhdGEiOiIxNjE4NDMwNjYzIn0%3D
.felixassurance.com/	1970-01-19 17:35:17	Name: _gid Value: GA1.2.94268129.1618430661
.easydmp.net/	1970-01-19 17:52:33	Name: ecdstpds1 Value: 000000000000000002%3As%3A0%3AeJwFwVtPgmAAAFD4FCG5CIiKotGDt62teqBlLyUq4EQn4PDzTunUaS5NWbZ5%2Be2d4zi6QK0Ijvk9fh6SUqCBe8zwoE1PzhVpyruE8COxgVxdNoDLNEckI1uV4DcEsgXqX4PgcDJRVE18UUoPE9so98KN8B%2Bh5Kl8jQLZG%2Fcx7Jm7XrxV6nuR3BoO1ATbNzEed7m5qKMMWAlYazmb7zOJkLlWtNoMe80wxWi5vjOQvWtjF1FD0a6IppxyBNchUh004rR9zwmoFdhwMDk%2FTQucZDcRYjT02a0Pi1YSfFTBGbKj6NGKmZgZ1DGdxsodWeg3DJIUfDotjN80I0VmlSXfi5mAJsZ7fbb1fKxyu%2BDBuUXaV8lz0W4t1HbUCFTdqPh0Z3VgcczxKXwTI9vLy%2BIg0UgL7TPPaarwnvoHHtJF4Q%3D%3D%3B
.felixassurance.com/	1970-01-20 11:05:02	Name: _ga Value: GA1.2.1714825867.1618430661

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://secureanalytic.com/scripts/push/script/02eyolxdkz?url=felixassurance.com(Line 1) Message: Push messaging is not supported

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads3.admatic.com.tr
ads4.admatic.com.tr
asset.easydmp.net
bh.contextweb.com
cdn.kdata.fr
cdn.onesignal.com
cm.g.doubleclick.net
d390gshugb75wr.cloudfront.net
eb2.3lift.com
event.smpush.com
felixassurance.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
inv-nets.admixer.net
me.hunkal.com
oui-assure.net
p.crm4d.com
pixel.rubiconproject.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtg-sq.hopmailing.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
secureanalytic.com
simage2.pubmatic.com
sq.otooxo.com
sqdt.futurasciences.fr
static.hotjar.com
sync-t1.taboola.com
sync.1rx.io
sync.bidpro.io
sync.commander1.com
sync.outbrain.com
sync.targeting.unrulymedia.com
tracking.kdata.fr
u.logbor.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.trck20.fr
www.weedoit.fr
x.bidswitch.net
141.226.228.48
142.250.186.130
145.239.193.53
145.239.211.22
146.0.227.110
164.132.142.74
172.217.18.98
18.184.39.197
185.33.220.145
185.33.221.52
185.64.190.80
185.86.137.110
188.132.147.228
195.181.167.173
198.148.27.140
213.19.147.151
2600:9000:20e8:de00:15:22d9:2ac0:21
2606:4700:3035::6815:4cc9
2606:4700::6812:e234
2606:4700:e6::ac40:c71e
2a00:1288:80:800::7000
2a00:1450:4001:801::2003
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
3.120.242.149
46.105.203.81
52.209.237.98
52.28.142.34
52.28.144.62
52.29.63.121
54.246.18.165
64.202.112.127
69.173.144.165
89.185.38.83
89.185.38.89
95.131.143.205
99.84.156.104
99.84.156.4
99.84.156.56
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
064d99c9e1f93f28761819d3ce1bf490ab7d22e6c9176ed476646d4f314e76e0
07a6bdc7007d0b30cc6924d875aa5c2728b7d1e05d86a5d6063cd8420484fc2a
12c4e790cc57a643f00f212a026e3015ca2a07ea0a39cf9b7dfedc7949790747
14a40a386e5abdb757229af157d365bf414f1f01c786173a88dc1e7c572dfa06
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c20c6fa6fa3999a886979c4bcc438755dbcc50e9831b274b2dd3f1ad9a16c34
1dc388686a1e70d77ae6db25d11b25343184b354fcb1c1d2a101d8f617a8ec52
203362ea00385031d1b26253b3fbe73a28833e4d215521601fbaa2edbe5a6c0f
2522fed30cc3939843055db41498c0ddaf3f6842204d42ef8f0af70d6d190a11
252fa30ee8306bd8c39e4e77a8c63bf2873b9cddf337ef2fbe948499b445bd6a
263dabec732b7756a1fc48384a355df0811c07396ac9f41395547ebef18d8c6e
26a465a7a57006be3f571548c51bc0ac6132c3521ee4cc7236222891059a38a2
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2c53599b0267e595abfa36bd184de2e70bb383fedc134e7269770b060dd930cf
3080313b4ebe824ee784f46a3387cd7a9108dc74a849d5cd574c47790977e229
32a6479f197dda38bf71bc2e2c7209d30aa7598d374ad8ec9a843039aac644c9
3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625
3c07de48fdad929db2e9c73858edcdb610720bbd13991e74ee84a3544d28da3b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
409fc0b948707c34c2f6715eabc519fecf8fc282a63731c4cc402ecb63d197a2
4129ffc19e794066985d0ae5f70862d159b7d8215b94680b96f90572cb2d3283
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452fa66576ad84267f446c6477c7261fe9cd96c033b5dbdd50920c89d32bfa02
473842579288c04e865ecfa63ae67a45d6e9a0871c9cf2aea4db32637cf7bbb8
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4a663607d4bc3e0b35cb3e8af3fe429ea4163ef9ac90627213d9669549c4b9a1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf9a0e8ba3dc84b6873b5cd4d62ae95f29f6cbed2dd1c2043c418dcf6e1c080
5488620f2b35d09c41185675466d26aad886b2ff96bf4118aeb7d4b506e2435e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ccda1a65fe518c355d1311838607d427070821dbab7b3cd5856b2fa232ecbcf
608ad6659ae73d2251ae13ea4181e9da8aa2a476170b1b9dc0249a22e4b26f62
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
670b7d18933ea49815f264ff6c4af543e26b6e3117382d846dc42ff80aa217bd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b392bebb416b3de2ec6212a0f322b603f1346c84a44f69547695fc8c2e47d97
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8f5c39c618a79e61134e9e9492d89cef89eb0e652f99713fc318bbb8daa3fd
7688b17c39239f2a83c5ba37a7d3af924315a9ade480f3eef5b00a313a8030e0
777642c1bf424ec550b2aafe40fd15a62ca0eee3f76d23e087171bb359a3d802
7bc026188b43edcf94ebc903abb742d09cbd6ce84d9ada4218e8f07058dbd703
7fa6ad650096d37f3580c59bf985362f2c85ed0f6590a9950ee4469e536961cc
8085042766681c37c23ebf2412daedc3a815945029b5da1bb01a416adbba9c71
80e25784d5f44f770d125fe753d9335c0a5c4cdc692992f49059810a33723015
8388fe55f0ff97927e80164c0e11936b04b3d98d9a67bc6e3265abb6081e3ea2
86a3c4d07a47a862114b624164bfbd348ccec3391f73b40be5e1df567e36a67d
882ffdb85bdff21d5ac007ae2275b2bc2ae9c8dc7ab8d4e3cf38b5f2d9de26d9
88306c89ab4760e1419984aa8f59e69001fe6608e1aac557c51415e757023ff6
89a2a982db2be532502d26ea6c2e9a1780629d8fa6313d6cd6218f0d1013b2e2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b482b663835f1b69de5b98e5b669a9e364db3beaf1feb23e6373ee4a4162d19
8c52a38e423b9eed2db1b79cfc02189878b88867f10315b47fe54922827f4396
a2a301daba60d3c904e76fb14d085ba6398e3be8df9f0db9d90dd311b4af125c
a37fc55c5338f6bb99e1103d0a22ed5e7ac4ca7de778632c593b601de9e44dc2
aa7adb48a6f393a67910ae1192f019b1b285e6625b479adb2eb11956c3155ab6
b860833a70ba647b6830bd7247a63ef8d567e032bf638ac8e315d516a1007aee
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
ba87ca5eeeb1ca98b1a0bb5c0e2297f8c9cd1614239d434c773b54890e7403ce
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb98f3b92e59ee90b12fcf8a8e9bd4cc9a02e2f39afc786a63972f06e15fc097
bcef1950559e5daf73c6ab492a3a7fd1c4cc43690e6cf53e338d8fd78a34d072
be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d
c65d9678dbd6fec41565da4855224033a06adb209b77f64c0db07a0766eb77ad
c7d4fc4eb08918e0900462776d50c210770c83c9305934f7f85caf9035338eb7
ca931980a8224b010b1aee7069208b8e89d0a3a0b202592bc55a7c1a67a741ec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d4225d93450a787911838ab1eba4905d767f559b8bd904c15e51be0ad9d9a63d
d560880d64cd6c228286a7b0910700f0dd32b6a575808162bb660bf6e1ba96d9
d57a3719129938ea166c498d2dd7a3628036c7c964a55c6d9979af86fcf1b6a3
d7ba7163e0fa9eecb0046ad0c5cb59f20bf29b945e120b7e5cefa070aea49b8a
d845b73477dbeb9ec3c3966783433916bea81a885f681cb62866b0ea6b0a6e82
d940e4c7472e97d98c80936af502d96cb8dd9b26da8e841221db73e1aebc383d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6eabe7796192c4d74dceca9a3a7080c8b3d93ae89585f9a6cff49890a58fb1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f169d6d6a5ca2989d9ca60cefcdd30dd4ca630e9fbaecc65ae049a752263df1f
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
fa4a9c667a6c76f77824c94e1ef5026a018ea3d4b2f71f4cd92ac76c6f1397d7
fc523a141014689bfdcf1a5161a574eeb0d122aa9c845456ea6d6e6d2740d403
fcff5612d0ff269ef5f8790986cdfc5a90401a44b3cb5573671de9cc7891ec6a

felixassurance.com Open in urlscan Pro 52.28.142.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

102 Requests

77 %HTTPS

31 %IPv6

41 Domains

48 Subdomains

44 IPs

9 Countries

1466 kBTransfer

2238 kBSize

8 Cookies

7 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

felixassurance.com Open in urlscan Pro
52.28.142.34 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

77 %
HTTPS

31 %
IPv6

41
Domains

48
Subdomains

44
IPs

9
Countries

1466 kB
Transfer

2238 kB
Size

8
Cookies

102 HTTP transactions
1 data transactions